Generate New JWT Token
JWT Token are short lived tokens generated & kept as part of secure application configuration. This is scalable approach over traditional session management pattern.
However we have faced production issue after setting up long static token. JWT Token creation with nginx is based on hash key based. However new approaches like public & private key based JWT Token is also possible. We will focus on our scenario.
On 1st Jan 2020, we suddenly started observing 4xx count for server to server api calls. This is unusual, we digged further & found that all calls are failing with 401 response code. Hence realized issue with authentication. These tokens are configurable at calling few services level. There are services which had hard coded it!! We had to spend cycle of code change & deployment of various services with downtime of 2+ hours.
This year, we decided to perform activity pro-actively. So below sample code being used for generating new token with expiry 6 months from now.
Steps to generate new JWT token with script
- Open Existing jwt token key file(.jwt/.jwk) from nginx conf
- Modify key in the script accordingly
- Modify desired expiry date of new token
- Supply appropriate application name
- Execute code & share final jwt token to calling application
Ideal Scenario
This JWT token should not be hardcoded. It should have generated application side & expiry should be max 1 day.
Reference:
