JWT and JWK authentication

This feature will handle .

This feature is defined in the method io.ktor.auth.jwt.jwt in the artifact io.ktor:ktor-auth-jwt:$ktor_version.

Gradle Kotlin DSL

dependencies { implementation("io.ktor:ktor-auth-jwt:$ktor_version")}

<project> … <dependencies> <dependency> <groupId>io.ktor</groupId> <artifactId>ktor-auth-jwt</artifactId> <version>${ktor.version}</version> <scope>compile</scope> </dependency> </dependencies></project>

JWT and JWK each have their own method with slightly different parameters. Both require the realm parameter, which is used in the WWW-Authenticate response header.

The verifier will use the secret to verify the signature to trust the source.You can also check the payload within callback to ensure everything is right and to produce a Principal.

JWT and JWK

JWT and JWK authentication

JWT auth: