JWT Framework
JWT Framework
JWT Framework
JWT Framework
Introduction
Introduction
Provided Features
Pre-requisite
Continous Integration
Contributing
The Easy Way
The "Easy" Way
The Components
Algorithm Management (JWA)
Key (JWK) and Key Set (JWKSet)
Header Checker
Claim Checker
Signed Tokens (JWS)
Encrypted Tokens (JWE)
The Symfony Bundle
Symfony Bundle
Algorithm Management
Key and Key Set Management
Key Management (JWK)
Key Set Management (JWKSet)
Header and Claim Checker Management
Signed Tokens
Encrypted Tokens
Configuration Helper
Events
Profiling/Debugging
Console Command
Console
Standalone Application
PHAR Application
Symfony Console
Advanced Topics
Security Recommendations
Nested Tokens
Serialization
Custom Algorithm
Signed tokens and
Encrypted tokens and
Benchmark
How To
Result table
Migration
Migration
Powered by GitBook

Key and Key Set Management

The JWK and JWKSet objects are provided by the web-token/jwt-core component. We recommend you to load these objects through environment variables.

With Symfony 3.4 or 4.0+, an environment variables processor is provided:

parameters:
    my_private_key: '%env(jwk:MY_PRIVATE_KEY)%'
    my_public_keyset: '%env(jwkset:MY_PUBLIC_KEYSET)%'

With the previous configuration, the environment variables MY_PRIVATE_KEY and MY_PUBLIC_KEYSET will be processed by Symfony and the container will contain the my_private_key and my_public_keyset with JWK and JWKSet objects respectively.

But it may not be sufficient for your project. You may need to load keys or key sets from other sources (e.g. key file) You may also want to use your keys as a container services you inject to other services.

This behaviour is possible by installing the web-token/jwt-key-mgmt component. To install it, just execute the following command line:

composer require web-token/jwt-key-mgmt
The Symfony Bundle - Previous
Algorithm Management
Next
Key Management (JWK)
Last updated 3 years ago
Edit on GitHub