JWT Based Auth

Hi @carla.lmeida, thanks for your question. As you pointed out correctly, you need to attach an Authorization header with a signed JWT to your request. The payload of that JWT needs to be a dictionary with a user field, containing a dictionary with username and role fields. Here’s one way of achieving this in python:

import jwt 

payload = {"user": {"username": "user123", "role": "admin"}}
signed = jwt.encode(payload, "secret", algorithm='HS256')

now if you want to send off the request in python, your auth header would be

header = {"Authorization": "Bearer {}".format(signed)}

or if not you may take the string signed and build a header for your curl command:

-H 'Authorization: Bearer <signed>'

I hope that helps!

3 Likes