Skip to main content

MicroProfile JWT 2.1

MP JWT 2.1 specification outlines how signed JSON Web Token (JWT) tokens issued by OpenId Connect (OIDC), OAuth2 and other trusted providers can be verified and their claims used for Role Based Access Control (RBAC) of microservice endpoints. It also supports inner-signed and encrypted JWT tokens.

The Spec team meets on Thursdays every other day. The joining details can be found in the MicroProfile calendar.

Add a plug-in to import the Spec blogs. Make sure the Spec category exists on Blogs, etc (iterate on what blogs do in the Compatible page with importing content)

Functional changes

  • Support for RSA-OAEP-256 key management algorithm for decrypting JWT tokens has been added
  • ‘mp.jwt.decrypt.key.algorithm’ property for listing multiple JWT decryption algorithms has been added, requiring that both ‘RSA-OAEP’ and ‘RSA-OAEP-256’ must be accepted if ‘mp.jwt.decryption.algorithm’ is not set
  • ‘mp.jwt.verify.token.age’ property for restricting a token age has been introduced
  • ‘mp.jwt.verify.clock.skew’ property for configuring a leeway for the token expiry and age verification has been introduced

Light Maven coordinates

Copy Code 


<dependency>


    <groupId>org.eclipse.microprofile.jwt</groupId>


    <artifactId>microprofile-jwt-auth-api</artifactId>


    <version>2.1</version>


</dependency>

Compatible Implementations

Payara Services Ltd

Product
Java version
Payara Server Enterprise 6.12.0
Java 11
Certification ResultsDownload
Payara Server Community 6.2024.3
Java 11
Certification ResultsDownload
Payara Server Community (Web Profile) 6.2024.3
Java 11
Certification ResultsDownload
Payara Server Enterprise (Web Profile) 6.12.0
Java 11
Certification ResultsDownload

WebSphere

Product
Java version
IBM WebSphere Liberty 23.0.0.12
Java 11, Java 17
Certification ResultsDownload

Open Liberty

Product
Java version
Open Liberty 23.0.0.10-beta
Java 11, Java 17
Certification ResultsDownload
Open Liberty 23.0.0.12
Java 11, Java 17
Certification ResultsDownload

Ballots

Plan Review

The Specification Committee Ballot concluded successfully on 2023-04-20 with the following results.

Representative Representative for: Vote
Summers Pittman, Vincent Mayers Atlanta JUG
Emily Jiang, Nathan Rauh IBM +1
John Clingan, Roberto Cortez Red Hat -1
David Blevins, Amelia Eiras Tomitribe +1
Chandra Guntur, Michael Redlich Garden State Java User Group +1
Ed Bratt, Dmitry Kornilov Oracle +1
Jan Westerkamp, Heiko Rupp iJUG
Kenji Kazumura, Takahiro Nagao Fujitsu +1
Reza Rahman, Ed Burns Microsoft +1
Mingyue Huang Primeton +1
Alfonso Altamirano, Luis Neto Payara +1
Total 8
Non-binding votes Role Vote
Jonathan Gallimore +1
Total 1

Release Review

The Specification Committee Ballot concluded successfully on 2023-10-09 with the following results.

Representative Representative for: Vote
Vincent Mayers Atlanta JUG +1
Emily Jiang, Nathan Rauh IBM +1
John Clingan, Roberto Cortez Red Hat -1
David Blevins, Amelia Eiras Tomitribe +1
Chandra Guntur, Michael Redlich Garden State Java User Group +1
Ed Bratt, Dmitry Kornilov Oracle +1
Jan Westerkamp, Heiko Rupp iJUG +1
Kenji Kazumura, Takahiro Nagao Fujitsu +1
Reza Rahman, Ed Burns Microsoft +1
Mingyue Huang Primeton +1
Alfonso Altamirano, Luis Neto Payara +1
Feng Wang Asiainfo Anhui +1
Total 11
Non-binding votes Role Vote
Emerson Castaneda Community +1
Total 1

Help optimize Enterprise Java for a microservices architecture.

Join the MicroProfile Google Group, peruse recent topics or create your own, and join in on the conversation. It's that easy!

JOIN THE DISCUSSION
Close Menu