kind: Credential/PublicPrivateKey
name: JWT verification key
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnzyis1ZjfNB0bBgKFMSv
vkTtwlvBsaJq7S5wA+kzeVOVpVWwkWdVha4s38XM/pa/yr47av7+z3VTmvDRyAHc
aT92whREFpLv9cj5lTeJSibyr/Mrm/YtjCZVWgaOYIhwrXwKLqPr/11inWsAkfIy
tvHWTxZYEcXLgAXFuUuaS3uF9gEiNQwzGTU1v0FqkqTBr4B8nW3HCN47XUu0t8Y0
e+lf4s4OxQawWD79J9/5d3Ry0vbV3Am1FtGJiJvOwRsIfVChDpYStTcHTCMqtvWb
V6L11BWkpzGXSW4Hv43qa+GSYOD2QU68Mb59oSk2OB+BtOLpJofmbGEGgvmwyCI9
sample: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwibmJmIjoxNTgyMjE1ODYwLCJleHAiOjE1ODQ4MDg1NTV9.b_a_hY9svkBuSLwTr25VvGUfAddoYGV8bSG1dxvfHv5scgbVFfmfowOxqBtA4c2D_KmIIRfQsFGsBi9j3JMnKHmU6ABL1KJqqV7OmNlC4MQX-Ai0fySqTcC9kQ47CjrUdGybv38WLCr_iBGlV_FMD6bp51VmoJvqK6KlOu5M_DRmrVpuIoDcaoakZaV-dMI5oPIhDz9g0CCfSyOT1AkVz1kjVsa67afOW3meiynz7oGqsKxs4zpOaw7kUjFKc5aSfcUnsGeYZoWj6qk8mBD8C9mck4fNpOyPLxlHK7R0U7DtD_Kzi373AFVAsptPmM07RlIaOfWfmULArUy0RwExMQ
jwt, REGEXEXTRACT(IF(entry.header.Authorization, entry.header.Authorization, ""), '^Bearer (.+)'),
key, KEY.PUB(secure-store.jwt-verification-key_public_key),
JWT.VERIFY('RS256', IF(jwt, jwt, ""), key)
NOT(.extract.auth.error),
NOW() >= .extract.auth.payload.nbf,
NOW() < .extract.auth.payload.exp)
formula: ".extract.auth.payload.sub"
formula: ".extract.auth.payload.roles"
sample: "default_test_role"
formula: ".extract.auth.error.message"