Customize JWT

When calling APIs in Neuron, you need to first call the login API to generate a JWT, and then call other APIs for JWT verification. The default expiration time of the generated JWT is one hour, and you can generate a JWT with a custom expiration time.

What is JWT？

JWT is an open standard (RFC 7519) for securely transmitting information. The JWT structure consists of three parts: the header, payload and signature.

Neuron first searches for the corresponding .pem or .pub file under the certs subdirectory in the installation directory based on the iss field, and then verifies it based on the fields inside. The required JWT structure for Neuron is as follows:

json

header
{
    "alg": "RS256",
    "typ": "JWT"
}

payload
{
    "iss": "username",
    "iat": "1679622798",
    "exp": "1679626398",
    "aud": "neuron",
    "bodyEncode": "0"
}

typ: Using JWT
alg: Using RS256

Payload

iss: Defined it according to the requirements, but ensure that it is consistent with the filename of the generated public key file. For example, if the iss is "neuron", the public key filename generated should be neuron.pem.
iat: Time of issuance.
exp: Expiration time of issuance.
aud: neuron, cannot be modified.

Generate public and private keys

Before issuing JWT, you need to generate a pair of public and private keys, and put the generated public key public.pem in the certs subdirectory of the Neuron installation directory. Neuron automatically loads files in the certs directory and decodes them according to the public key.

TIP

The default installation path for Docker and deb/rpm installation packages is /opt/neuron.

The name of the public key file must be consistent with the issuer in the JWT.

Generate RSA keys using OpenSSL command-line tools:

bash

# generate private key
$ openssl genrsa -out private.key 2048
# generate public key
$ openssl rsa -in private.key -out public.pem -pubout

How to generate JWT?

To generate a JWT, you can use the JWT official website tool. Fill in the Decoded section as follows:

Algorithm: RS256
Header: Header
Payload: Payload
Verify Signature: Fill in -----BEGIN PUBLIC KEY----- and -----BEGIN RSA PRIVATE KEY-----.

Installing Neuron

Modbus RTU

Modbus TCP

Inovance Modbus TCP

OPC UA

OPC DA

Mitsubishi 3E

Siemens S7 ISO TCP

Siemens MPI

Omron FINS UDP

Beckhoff ADS

IEC60870-5-104

IEC61850

DL/T645-2007

BACnet/IP

Panasonic Mewtocol

SECS GEM HSMS

MQTT

eKuiper

SparkPlugB

WebSocket

SDK Tutorial

Customize JWT

What is JWT？

Header

Payload

Generate public and private keys

How to generate JWT?

Customize JWT ​

What is JWT？ ​

Header ​

Payload ​

Generate public and private keys ​

How to generate JWT? ​

Customize JWT

What is JWT？

Header

Payload

Generate public and private keys

How to generate JWT?