Skip to main content
Skip table of contents

JWT Authentication

The JSON Web Token (JWT) Authentication Plugin enforces JWT authentication for selected Consumers for a Service, Route, or the gateway.

Plugin Properties

DescriptionA brief description of the Plugin.
ConsumersThe Consumers that may access the Service, Route, or Gateway if valid credentials are presented
Query paramsA list of query param names to check for the request JWT. The first query param found will be selected
HeadersA list of HTTP header names to check for the request JWT. The first header found will be selected
Key Claim NameThe name of the JWT header property which holds the key identifier. This field defaults to "kid".
Maximum ExpirationThe maximum number of seconds limiting the lifetime of the JWT. This property can be used to limit the lifetime of the "exp" claim in the JWT.
EnabledCheck this box to enable the plugin.


At least one of Query params or Headers must be supplied. Query params are examined before headers and the first match in either category is selected. The selected value is assumed to contain a valid JWT. If the value does not contain a valid JWT, HTTP error 400 Bad Request is returned.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.