1. SSP token format
All SSP tokens implement the JWT standard as defined in RFC 7519.
Each token is therefore structured in three parts:
- Header
- Payload
- Signature
Each part is base64-encoded, and the parts are separated by a "." (dot):
base64Encode(header) + "." + base64Encode(payload) + "." + base64Encode(signature)
How to sign the token:
- The signing key is the SSP tenant's credential identified by the "kid" claim in the token's header.
- The algorithm used is HMAC-SHA256, as described in https://tools.ietf.org/html/rfc7518, section 5.2.
To create an SSP token, refer to:
- JWT Token Creation (SSP-specific tool)
2. SSP token types