The GlideJWT API is a scoped, scriptable API which generates a JWT. There are three arguments necessary before generating the JWT:

• Sys_id of JWT Provider
• JSON serialized header
• JSON serialized payload

There are two JWT API scripts, JWTTokenInternal and JWTTokenRestricted, that you can use when configuring a JWT Provider. The JWTTokenRestricted script enables administrators to configure who can generate a JWT. The JWTTokenInternal script is read-only and enables only logged in users to generate a JWT.

To generate a JWT:

• Create a JWT Key with a shared key (HMAC) or a signing keystore (RSA)
• Associate a JWT provider with the signing configuration referring a JWT key

You can use the API to create your token.

var jwtAPI = new sn_auth.GlideJWTAPI();
var headerJSON = {  "kid": "a1234"  };
var header = JSON.stringify(headerJSON);

var payloadJSON = { "jti": "testjti", "iss": "testiss", "sub": "testsub" };
var payload = JSON.stringify(payloadJSON);

var jwtProviderSysId = "7a40dde2d5303300964fb7c8f3c14ab5";
var jwt = jwtAPI.generateJWT(jwtProviderSysId, header, payload);

gs.info("JWT:" + jwt);