The CreateJsonWebTokenH256() function returns the HMAC-SHA256 encoded JWT (JSON Web Token) for given payload (json value) and secret (password text), using the standard JWT header {alg=HS256 and typ=JWT} or a custom header.

This function is NOT SQL compatible. For more information about SQL compatibility, see our documentation.

JWT tokens are used in authentication (Single Sign On) contexts, and designed to be compact, URL-safe and secure. Sites like Google or Zoom use JWT. They may provide information on how to work with their JWT for sign-on (with code examples for PHP, Python or C#), and if it supports the standard implementation, you can use this WEM Function to create the proper JWT - just provide the proper values for the payload and the secret. For the extensive standard information behind standard JWT, read the wiki pages.

This WEM implementation is following the basic standards - some sites may have custom implementations that deviate and therefore may not work with the WEM implementation.

Returns a Json Web Token (wiki) using the HMAC-SHA265 algorithm. Returns Unknown if one of the parameter values is unknown or outside the common valid boundaries.


CreateJsonWebTokenH256(payload, secret, secretisbase64encoded)

payload= { "sub": "1234567890", "name": "John Doe", "iat": 1516239022 } secret= "12someSecret34" secretisbase64encoded = false

=> eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.XKDbghkfPuObFZk-KuHB41t90E2YzIj89byAeqtV6lk

CreateJsonWebTokenH256(payload, secret, secretisbase64encoded, customheader)

payload= { "sub": "1234567890", "name": "John Doe", "iat": 1516239022 } secret= "12someSecret34" secretisbase64encoded = false customheader = { "alg": "HS256", "typ": "JWT" }

=> eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.XKDbghkfPuObFZk-KuHB41t90E2YzIj89byAeqtV6lk





A json-formed set of claims (see wiki)



Text or data field that holds the encryption secret.



indicates whether the secret is base64 encoded (true) or plaintext (false)



You can also use a custom header according to the JWT definition.

Last updated