JWT

The module enables validation of JSON Web Tokens (JWT) using specified keys. It is incompatible with the Auth JWT module.

Installation

To install the module, use one of the following packages:

• Angie: angie-module-jwt

• Angie PRO: angie-pro-module-jwt

Loading the Module

Enable the module in the main{} context:

load_module modules/ngx_http_auth_jwt_module.so;

Configuration Example

http {
    server {
        auth_jwt_key "0123456789abcdef" hex;
        auth_jwt     off;

        # Authorization via Authentication header
        location /secured-by-auth-header/ {
            auth_jwt on;
        }

        # Authorization via cookie
        location /secured-by-cookie/ {
            auth_jwt $cookie_MyCookieName;
        }

        # Key inheritance and override
        location /secured-by-auth-header-too/ {
            auth_jwt_key "another-secret";
            auth_jwt on;
        }

        # Authorization via RSA key
        location /secured-by-rsa-key/ {
            auth_jwt_key /etc/keys/rsa-public.pem file;
            auth_jwt on;
        }

        location /not-secure/ {}
    }
}

Additional Information

For detailed documentation and source code, see: max-lt/nginx-jwt-module