JWT Authentication Docs says:
JWT Based Auth:
Enable JWT based authentication using --jwt-secret thisismysecret. Requests to the server need to contain a valid JWT token in the Authorization header that is signed using this secret and the HS256 algorithm.
The user must have username and role attributes. If the role is admin, all endpoints are accessible. If the role is user, endpoints with a sender_id parameter are only accessible if the sender_id matches the user’s username.
–jwt-secret thisismysecret Your requests should have set a proper JWT header:
“Authorization”: “Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ” “zdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIi” “wiaWF0IjoxNTE2MjM5MDIyfQ.qdrr2_a7Sd80gmCWjnDomO” “Gl8eZFVfKXA6jhncgRn-I”
I am using Rasa Talk. it has JWTSECRET as a parameter in .env file (Rasa Talk is similar like UI of Rasa X)
I have used http://www.jwt.io - created a payload . username and role was given in JSON format . header.payload.signature was created.
Rasa Talk .env file JWTSECRET=“header.payload.signature” - was given.
rasa run -vv --enable-api --jwt-secret thisismysecret - given and started.
But when I login to Rasa Talk, it is not able to connect to Rasa Server and show me the status.
How does this jwt works.