Documentation

Token Encryption

We will use the previous token, signed with the secret, as the payload of a new encrypted token. This gives us two levels of security.

For this we use a different key, an RSA 2048 private/public key pair, and create another, encrypted token.

 

This token will look like this:

 

RSA Token Example

 

The payload is not visible here, and the header indicates that the content is another JWT (see the content type property, cty).

 

The other header properties are the algorithm (alg) and the encryption type (enc). The properties alg, enc and cty are mandatory and should have exactly the values shown in the example above.

A Java example is available here: https://github.com/datamint/SSO-sample/blob/master/JWTControllerEncryptedToken.java
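A quick way to check the header of an encrypted token before sending it, shown as an added example that is not part of the original documentation or the linked Java sample. The expected alg and enc values (RSA-OAEP-256, A256GCM) and the cty value JWT are assumptions, because the example token is not reproduced on this page; the function names and the sample tokens are constructed for illustration.

```python
import base64
import json
import os

# Assumed values: the example token is not reproduced on this page, so take
# the real alg/enc/cty values from the provider's example before relying on this.
EXPECTED = {"alg": "RSA-OAEP-256", "enc": "A256GCM", "cty": "JWT"}
RSA_2048_KEY_BYTES = 256  # an RSA 2048 encrypted key is exactly 256 bytes

def b64url_decode(segment: str) -> bytes:
    """Decode an unpadded base64url segment as used in compact tokens."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))

def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")

def check_encrypted_token(token: str, expected: dict = EXPECTED) -> list:
    """Return the problems found in a compact encrypted token; empty means OK."""
    parts = token.split(".")
    if len(parts) != 5:  # header, encrypted key, IV, ciphertext, tag
        return [f"expected 5 segments (encrypted token), got {len(parts)}"]
    try:
        header = json.loads(b64url_decode(parts[0]))
        encrypted_key = b64url_decode(parts[1])
    except ValueError as exc:  # covers bad base64 and bad JSON
        return [f"undecodable segment: {exc}"]
    if not isinstance(header, dict):
        return ["header is not a JSON object"]
    problems = []
    for name, want in expected.items():
        got = header.get(name)
        if got is None:
            problems.append(f"missing mandatory header '{name}'")
        elif got != want:
            problems.append(f"header '{name}' is {got!r}, expected {want!r}")
    if len(encrypted_key) != RSA_2048_KEY_BYTES:
        problems.append(f"encrypted key is {len(encrypted_key)} bytes, not 256")
    return problems

def build_sample(header: dict, key_bytes: int = RSA_2048_KEY_BYTES) -> str:
    """Constructed token: random bytes stand in for key, IV, ciphertext, tag."""
    body = [b64url_encode(os.urandom(n)) for n in (key_bytes, 12, 64, 16)]
    return ".".join([b64url_encode(json.dumps(header).encode())] + body)

if __name__ == "__main__":
    print(check_encrypted_token(build_sample(EXPECTED)))  # complete header
    print(check_encrypted_token(build_sample({"alg": "RSA-OAEP-256"})))
    print(check_encrypted_token("aaa.bbb.ccc"))  # signed-only token shape
```

The check reads only the unencrypted header and segment sizes, so it needs no key; it catches a signed-only token sent by mistake and a missing cty, but it does not prove the payload decrypts.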