JSON Web Token Authentication

LAST UPDATED: DEC 5, 2024

JSON Web Token (JWT) enables authentication by encoding claims within a digitally signed token, ensuring secure validation of user identity and permissions. Follow the steps in this article to send a JWT-encoded request in Postman.

Prerequisites

• Postman

• JWT encoding tool

• JWT webhook authentication enabled

How to Enable JWT Webhook Authentication on D3 vSOC

1. Open the Web Config settings.

   

   1. Click on the Configuration navigational link.

   2. Click on the Application Settings icon.

   3. Click on the Web Config option.

2. Set the EnableEnhanceWebhookAuthentication radio option to True.

3. Click on the Save button.

• Ability to set up D3 webhook keys

Setting Up JWT Remote Command Keys for Utility Command

1. Ensure that Webhook Authentication is toggled on.

• On:

• Off:

2. Click on the JSON Web Token (JWT) button.

3. Click on the + button within the Setup JWT popup.

4. Enter a unique Key Name.

5. Click on the Generate button

The user will see a display similar to the following:

Setting Up JWT Remote Command Keys for Integration Commands

1. Establish a connection between D3 vSOC and the integration. This connection must be active and display a status, as shown in the image above.

   

   Ensure the connection is associated with a specific site. The connection in the screenshot is linked to the Security Operations site.

2. Select the desired integration command.

   

   For demonstration purposes, the Get Computers command will be used.

   

3. Ensure that Webhook Authentication is toggled on.

• On:

• Off:

4. Click on the JSON Web Token (JWT) button.

   

5. Click on the + button within the Setup JWT popup.

6. Select the connection created from step 1. The connection should have the name of the site it is linked to in parentheses.

7. Enter a unique Key Name.

8. Click on the Generate button.

The user will see a display similar to the following:

READER NOTE

Each JWT Remote Command Key will have a unique Secret Key value used in generating the JWT encoding.

Setting Up and Sending a JWT-Encoded Request

1. Copy the request URL in vSOC.

   

2. In Postman, set the HTTP request method to POST, then paste the request URL in the designated field.

   

3. In vSOC, copy the request header key.

   

4. In Postman, click on the Headers tab, then paste the request header key under the Key column.

   

5. In vSOC, copy the object from the Header section.

   

6. In jwt.io, ensure that encoding algorithm is HS256, then paste the object into the HEADER field.

   

7. In vSOC, copy the payload.

   

8. In jwt.io, paste the payload into the PAYLOAD field.

   

9. Populate the PAYLOAD fields. For this demonstration, the completed payload is as follows:

   

READER NOTE

• Ensure the value of the payload’s Username field matches the username of the user being granted access to the remote command key (demo_user in this case).

  

  • By default, the creator is the only individual with access.

• All payload data are case-sensitive.

10. In vSOC, copy the Secret Key.

    

11. In jwt.io, paste the Secret Key.

    

12. In vSOC, copy the request body sample data.

    

13. In Postman, select the Body tab, choose the raw option, then paste the sample request body data.

    

14. Adjust the values to match the payload exactly.

    

15. In jwt.io, copy the encoded token.

    

16. In Postman, click on the Headers tab, paste in the token, then send the request.