Build a JWT With a Shared Key

If you configured your application to use the client_secret_jwt client authentication method, then you want to build a JWT that you sign with the client_secret using an HMAC SHA algorithm (HS256, HS384, or HS512).

Using the NJWT library:

const njwt = require('njwt');

const clientSecret = "{clientSecret}"; // Or load from configuration
const clientId = "{clientId}"; // Or load from configuration
const now = Math.floor( new Date().getTime() / 1000 ); // seconds since epoch
const plus5Minutes = new Date( ( now + (5*60) ) * 1000); // Date object

const claims = {
  aud: "https://${yourOktaDomain}/oauth2/default/v1/token", // audience
};

const jwt = njwt.create(claims, clientSecret)
  .setIssuedAt(now)
  .setExpiration(plus5Minutes)
  .setIssuer(clientId)
  .setSubject(clientId)
  .compact();

Next: Build a JWT With a Private Key

Build a JWT With a Shared Key

On This Page