JSON Web Token

📖 Definition

JWT is a compact, URL-safe token format used to securely transmit information between parties. It consists of three parts: Header, Payload, and Signature, commonly used for authentication and information exchange.

🔗 Use in Higress

Higress has a built-in JWT authentication plugin, supporting JWT issuance verification, claims extraction, token refresh, and other functions, enabling unified authentication at the gateway layer.

💡 Examples

  • A JWT carries claims such as the user ID and roles
  • Signing with the RS256 algorithm ensures tokens are not tampered with
  • The JWT's exp claim defines the token's expiration time

⚙️ Configuration Example

YAML
# Higress JWT Authentication Configuration
plugins:
  - name: jwt-auth
    config:
      issuer: "https://auth.example.com"
      jwks_uri: "https://auth.example.com/.well-known/jwks.json"
