How to install the JWT integration through Azion Marketplace
JWT is a serverless integration available at Azion Marketplace.
Access tokens are often used to control access to online resources, such as APIs and media archives, and JSON Web Tokens (JWTs) can be used to simplify this process. However, JWTs can be larger than session IDs and affect network speed. You can solve these issues by using edge computing capabilities.
Azion offers an integration for increased security: the JWT Edge integration runs directly on the edge firewall. This integration allows you to grant and revoke privileges using KIDs and secrets, and set expiration dates. It runs on the edge for added security as it verifies authenticity before reaching the infrastructure, without the need to contact an authenticator server, which speeds up the process.
Getting the JWT integration from Azion Marketplace
To use the JWT integration provided by Azion Marketplace, follow these steps:
- Access Azion Console > Marketplace.
- On the Marketplace homepage, select the integration’s card.
- Once the integration’s page opens, click the Install button.
A successful message will appear. Now, your integration is installed.
- Access Real-Time Manager (RTM) > Marketplace.
- On the Marketplace homepage, select the integration’s card.
- Once the integration’s page opens, click the Get It Now button, at the bottom-right corner of the page.
A successful message will appear. Now, your integration is installed.
Configuring the integration
Setting up an edge firewall
To instantiate the JWT Edge Function, follow these steps:
- On the upper-left corner, open the Products menu, represented by three horizontal lines, then select Edge Firewall in the SECURE section.
- Click the + Edge Firewall button.
- Give a name to your edge firewall.
- Click the Edge Functions switch.
- Click the Save button.
- On the upper-left corner, open the Products menu, represented by three horizontal lines, then select Edge Firewall in the SECURE section.
- Click the Add Rule Set button.
- Give a name to your edge firewall.
- Select the domains you want to protect with the JWT Edge Function.
- Click the Edge Functions switch to enable functions on your edge application.
- Click the Save button.
Setting up the Edge Firewall function
To instantiate the JWT integration, while still on the Edge Firewall page:
- Go to the Functions Instances tab.
- Click the + Function Instance button.
- Give a name to your instance.
- On the dropdown menu, select JWT.
- This action will load the Arguments tab.
- On the Arguments tab, add the parameters.
The Arguments tab will load an example of KIDs, similar to the one below:
[{ “kids”: { “4546D4AA7F62F01A833A7ABE354030E7": “D6CB2342E44EFB6DD628276F36DA2359”, “D6CB2342E44EFB6DD628276F36DA2359": “60BD8ED7A768E8BD6925BEB0A691AADB”, “60BD8ED7A768E8BD6925BEB0A691AADB”: “4546D4AA7F62F01A833A7ABE354030E7” }
}]
- Click the Save button.
Done. Now you have your JWT instanced.
- Go to the Functions tab.
- Click the Add Function button.
- Give a name to your instance.
- On the dropdown menu, select JWT.
This will load the function, showing a form with the source code of the integration and two tabs: Code and Args.
If you click on the Code tab, you can navigate through the source code to become familiar with it, but without making changes. On the Args tab, you can change the configuration of your JWT function.
Select the Args tab to open the form for the JSON Args where you can add the parameters to execute your application.
The Args tab will load an example of KIDs, similar to the one below:
[{ “kids”: { “4546D4AA7F62F01A833A7ABE354030E7": “D6CB2342E44EFB6DD628276F36DA2359”, “D6CB2342E44EFB6DD628276F36DA2359": “60BD8ED7A768E8BD6925BEB0A691AADB”, “60BD8ED7A768E8BD6925BEB0A691AADB”: “4546D4AA7F62F01A833A7ABE354030E7” }
}]
- Click the Save button.
Done. Now you have your JWT instanced.
Setting up the Edge Firewall Rules Engine
To finish, you have to set up the Rules Engine to configure the behavior and the criteria to run the JWT.
To do so, still on the Edge Firewall page, follow these steps:
- Select the Rules Engine tab.
- Click the + Rule Engine button.
- Give a name to the rule.
- Select a criteria to run and catch the domains that you want to run the integration on.
- Example: if
Hostmatchesyourdomain.com.
- Below, select a behavior to the criteria. In this case, it’ll be Run Function.
- Select the adequate function according to the name you gave it during the instantiation step.
- Click the Save button.
On the Console, you must now configure your domain so your edge firewall protects it.
- On the Products menu, select Domains.
- Click on the domain you want to protect with your JWT function.
- In the Settings section, click on the
Edge Firewallselector and choose the edge firewall you created. - Click the Save button.
Done. Now you have a JWT integration running for every request made to the domain you indicate.
- Go to the Rules Engine tab.
- Click the New Rule button.
- Give a name to the rule.
- Select a criteria with the domain that will run the integration. For example:
if Hostname is equal xxxxxxxxxxxx.map.azionedge.net. - Below, select the Run Function behavior to the criteria.
- Select the adequate JWT function according to the name you gave it in the instantiate step.
- Click the Save button.
Done. Now you have a JWT integration running for every request made to the domain you indicate.
Contributors
