Tips on setting up JWT service

Hello developers,

We keep getting several questions on setting up JWT service from developers. Here we thought of sharing some tips on setting up JWT service in multiple programming languages.

JSON Web Tokens are an open, industry standard RFC 7519 method for representing claims securely between two parties. Kore.ai DOES NOT provide JWT service. It is imperative that the developer or organization where Kore.ai bot is being used or implemented will have their own JWT service.

  1. Why JWT?
    JWT is used to establish trust between chatbot client (web, mobile) and Kore platform. .

  2. Open source libraries which can be used
    Since JWT is a open standard, there are several open-source libraries that can be used to set it up -
    β€’ NodeJS – GitHub - auth0/node-jsonwebtoken: JsonWebToken implementation for node.js http://self-issued.info/docs/draft-ietf-oauth-json-web-token.html
    β€’ Java – GitHub - auth0/java-jwt: Java implementation of JSON Web Token (JWT)
    β€’ .Net – GitHub - jwt-dotnet/jwt: Jwt.Net, a JWT (JSON Web Token) implementation for .NET
    Taking example of Java above, you can have this library used within your existing java based application and create a JWT within your portal itself. Kore.ai does not bind their developers/ users to stick to any particular technology/ tech stack.

  3. Some more tips

  • JWT service is invoked for each chat session. Thus the scale will be proportional to your estimated traffic.
  • You can integrate JWT service within your parent web application where you are planning to integrate the chat window. This way you don’t need to scale JWT provider separately

credits (information source): @mandar.udgirkar

1 Like