Verifying the expiration of JWT (token)
Answered
Hi,
Let me ask you one question regarding the verification of expiration of JWT.
We are implementing the SSO environment with JWT at the customer's place.
As customer's requirement, it is required to include the information of expiration in the token.
Does Yellowfin have the function to check and verify the expiration of JWT?
If not, do you have any idea how to check and verify it?
The same question
Hi Junya,
Yellowfin does not contain any way to manage JWT tokens themselves. They are created using third-party software but can be used within Yellowfin.
If you set up the JWT to use the cookie delivery mechanism, it should be fairly simple to check the "exp" (expiry) attribute of the token for verification.
Depending on what you're using to generate JWT tokens, the code could vary, but this post on StackOverflow might help. You can compare the expiry attribute which is stored in Unix time and convert it to a standard datetime.
https://stackoverflow.com/questions/70879343/how-to-get-exp-from-jwt-token-and-compare-with-it-current-time-to-check-if-tok
Kind regards,
Chris
Hi Junya,
Yellowfin does not contain any way to manage JWT tokens themselves. They are created using third-party software but can be used within Yellowfin.
If you set up the JWT to use the cookie delivery mechanism, it should be fairly simple to check the "exp" (expiry) attribute of the token for verification.
Depending on what you're using to generate JWT tokens, the code could vary, but this post on StackOverflow might help. You can compare the expiry attribute which is stored in Unix time and convert it to a standard datetime.
https://stackoverflow.com/questions/70879343/how-to-get-exp-from-jwt-token-and-compare-with-it-current-time-to-check-if-tok
Kind regards,
Chris
Thank you Chris,
I have created the function to verify the expiration of the JWT with JWT library. Thank you very much.
However, the customer's requirement is to verify it with Yellowfin's function.
Therefore, the customer has chosen to use REST API to create SSO function, instead of JWT.
I understand that there is an existing task to support OpenID SSO in a future build.
https://community.yellowfinbi.com/topic/yellowfin-with-openid-connect
The customer might use this when it is built in the future.
Cheers,
Junya
Thank you Chris,
I have created the function to verify the expiration of the JWT with JWT library. Thank you very much.
However, the customer's requirement is to verify it with Yellowfin's function.
Therefore, the customer has chosen to use REST API to create SSO function, instead of JWT.
I understand that there is an existing task to support OpenID SSO in a future build.
https://community.yellowfinbi.com/topic/yellowfin-with-openid-connect
The customer might use this when it is built in the future.
Cheers,
Junya
Hi Junya,
No worries!
If the addition of support for OpenID SSO also fulfils this requirement then I assume we can close this off and wait for the enhancement to be implemented?
Kind regards,
Chris
Hi Junya,
No worries!
If the addition of support for OpenID SSO also fulfils this requirement then I assume we can close this off and wait for the enhancement to be implemented?
Kind regards,
Chris
Hi Junya,
I haven't heard back from you so I'll close this one off for now.
Kind regards,
Chris
Hi Junya,
I haven't heard back from you so I'll close this one off for now.
Kind regards,
Chris
Hi Chris,
Sorry for taking so long to get back to you.
Please close this off and we will wait for the enhancement to be implemented.
Cheers,
Junya
Hi Chris,
Sorry for taking so long to get back to you.
Please close this off and we will wait for the enhancement to be implemented.
Cheers,
Junya
Replies have been locked on this page!