...
When creating an MQTT client, the JWT must be passed in the CONNECT message’s password field of the CONNECT message. When connecting over HTTP, a JWT must be included in the header of each HTTP request.
...
In addition to the signing algorithm, you must supply the JWT token format.
The header’s JSON representation of the header is as follows:
For RSA keys:
...
The JWT payload contains a set of claims, and it is signed using asymmetric keys. The JWT claim set includes information on the JWT, such as the token’s target of the token, the issuer, the issued token time the token was issued, and the token’s lifetime. Like the JWT header, the JWT claim set is a JSON object used in calculating the signature.
...
The JSON Web Signature (JWS) specification guides the mechanics of generating the signature for the JWT. The input for the signature is the following content’s byte array of the following content:
| Code Block |
|---|
{Base64url encoded header}.{Base64url encoded claim set} |
...