...
When creating an MQTT client, the JWT must be passed in the CONNECT message’s password field. When connecting over HTTP, a JWT must be included in the header of each HTTP requestrequest’s header.
Creating JWTs
JWTs have three sections: a header, payload (containing a claim set), and signature. The header and payload are JSON objects, serialized to UTF-8 bytes, then encoded using base64url encoding.
...
| Code Block |
|---|
{ "alg": "ES256", "typ": "JWT" } |
The header’s algorithm specified in the header must match at least one of the public keys registered for the device.
...