Apex Reference Guide

Clouds with binary code floating aboveCloud with binary code floating above

No Results

Search Tips:

  • Please consider misspellings
  • Try different search keywords
Apex Reference Guide
Release Notes
Apex DML Operations
ApexPages Namespace
AppLauncher Namespace
Approval Namespace
Auth Namespace
AuthConfiguration Class
AuthProviderCallbackState Class
AuthProviderPlugin Interface
AuthProviderPluginClass Class
AuthProviderTokenResponse Class
AuthToken Class
CommunitiesUtil Class
ConfigurableSelfRegHandler Interface
ConfirmUserRegistrationHandler Interface
ConnectedAppPlugin Class
CustomOneTimePasswordDeliveryHandler Interface
CustomOneTimePasswordDeliveryResult Enum
ExternalClientAppOauthHandler Class
GeneratedUserData Class
HeadlessSelfRegistrationHandler Interface
HeadlessUserDiscoveryHandler Interface
HeadlessUserDiscoveryResponse Class
HttpCalloutMockUtil Class
IntegratingAppType Enum
InvocationContext Enum
JsonValueOutput Class
JWS Class
JWT Class
JWT Methods
JWTBearerTokenExchange Class
JWTUtil Class
LightningLoginEligibility Enum
LoginDiscoveryHandler Interface
LoginDiscoveryMethod Enum
MyDomainLoginDiscoveryHandler Interface
Oauth2TokenExchangeHandler Class
OAuth2TokenExchangeType Enum
OAuthRefreshResult Class
OauthToken Class
OauthTokenType Enum
RegistrationHandler Interface
SamlJitHandler Interface
SessionManagement Class
SessionLevel Enum
TokenValidationResult Class
UserData Class
VerificationAction Enum
VerificationMethod Enum
VerificationPolicy Enum
VerificationResult Class
Auth Exceptions
Cache Namespace
Canvas Namespace
ChatterAnswers Namespace
CommerceBuyGrp Namespace
CommerceExtension Namespace
CommerceOrders Namespace
CommercePayments Namespace
CommerceTax Namespace
ComplianceMgmt Namespace
Compression Namespace
ConnectApi Namespace
Context Namespace
Database Namespace
Datacloud Namespace
DataRetrieval Namespace
DataSource Namespace
DataWeave Namespace
Dom Namespace
embeddedai Namespace
EventBus Namespace
ExternalService Namespace
Flow Namespace
Flowtesting Namespace
FormulaEval Namespace
fsccashflow Namespace
Functions Namespace
industriesNlpSvc
IndustriesDigitalLending Namespace
Invocable Namespace
InvoiceWriteOff Namespace
IsvPartners Namespace
KbManagement Namespace
LxScheduler Namespace
Messaging Namespace
Metadata Namespace
PlaceQuote Namespace
Pref_center Namespace
Process Namespace
QuickAction Namespace
Reports Namespace
RevSignaling Namespace
RevSalesTrxn Namespace
RichMessaging Namespace
Salesforce_Backup Namespace
Schema Namespace
Search Namespace
Sfc Namespace
Sfdc_Checkout Namespace
Sfdc_Enablement Namespace
sfdc_surveys Namespace
Site Namespace
Slack Namespace
Support Namespace
System Namespace
TerritoryMgmt Namespace
TxnSecurity Namespace
UserProvisioning Namespace
VisualEditor Namespace
Wave Namespace
Appendices
PDF

JWT Class

Generates the JSON Claims Set in a JSON Web Token (JWT). The resulting Base64-encoded payload can be passed as an argument to create an instance of the Auth.JWS class.

Namespace

Auth

Usage

Use the methods in this class to generate the payload in a JWT bearer token for the OAuth 2.0 JWT bearer token flow. For more information and a full code sample, see JWTBearerTokenExchange Class.

JWT Methods

The following are methods for JWT. All are instance methods.

clone()

Makes a duplicate copy of the JWT object.

Signature

public Object clone()

Return Value

Type: JWT

getAdditionalClaims()

Returns a map of additional claims in the JWT, where the key string contains the name of the claim, and the value contains the value of the claim.

Signature

public Map<String,Object> getAdditionalClaims()

Return Value

Type: Map<String,Object>

The claims returned depend on how the JWT was generated.

If the JWT was generated using other methods in the Auth.JWT class, this method returns the claims that were set using the setAdditionalClaims method.

For JWTs generated using methods in the Auth.JWTUtil class, the getAdditionalClaims method returns all claims except for these three.

  • aud (audience)—Use the getAud method instead.
  • iss (issuer)—Use the getIss method instead.
  • sub (subject)—Use the getSub method instead.

For these JWTs, when the incoming JWT has a claim that stores an inner JSON list, the claim value is returned as a string.

getAud()

Returns the audience (aud) claim that identifies the intended recipients of the JWT.

Signature

public String getAud()

Return Value

Type: String

getIss()

Returns the issuer (iss) claim that identifies the issuer of the JWT.

Signature

public String getIss()

Return Value

Type: String

getNbfClockSkew()

Returns the not before (nbf) claim that identifies the time before which the JWT must not be accepted for processing, while allowing some leeway for clock skew. This method returns a NoAccess exception for JWTs generated using methods in the Auth.JWTUtil class. To return the nbf claim for these JWTs, use the getAdditionalClaims method instead.

Signature

public Integer getNbfClockSkew()

Return Value

Type: Integer

getSub()

Returns the subject (sub) claim that identifies the current user of the JWT.

Signature

public String getSub()

Return Value

Type: String

getValidityLength()

Returns the length of time (in seconds) that the JWT is valid, which affects the expiration (exp) claim. This method returns a NoAccess exception for JWTs generated using methods in the Auth.JWTUtil class. To return the validity length for these JWTs, use the getAdditionalClaims method instead.

Signature

public Integer getValidityLength()

Return Value

Type: Integer

setAdditionalClaims(additionalClaims)

Sets the additional claims in the JWT. Returned by the getAdditionalClaims method.

Signature

public void setAdditionalClaims(Map<String,Object> additionalClaims)

Parameters

additionalClaims
Type: Map<String,Object>

Return Value

Type: void

Usage

Additional claims must not include any standard claims.

setAud(aud)

Sets the audience (aud) claim in the JWT. Returned by the getAud method.

Signature

public void setAud(String aud)

Parameters

aud
Type: String

Return Value

Type: void

setIss(iss)

Sets the issuer (iss) claim in the JWT. Returned by the getIss method.

Signature

public void setIss(String iss)

Parameters

iss
Type: String

Return Value

Type: void

setNbfClockSkew(nbfClockSkew)

Sets the not before (nbf) claim in the JWT. Returned by the getNbfClockSkew method. This method returns a NoAccess exception for JWTs generated using methods in the Auth.JWTUtil class. For these JWTs, the incoming JWT determines the nbf claim.

Signature

public void setNbfClockSkew(Integer nbfClockSkew)

Parameters

nbfClockSkew
Type: Integer

Return Value

Type: void

setSub(sub)

Sets the subject (sub) claim in the JWT. Returned by the getSub method.

Signature

public void setSub(String sub)

Parameters

sub
Type: String

Return Value

Type: void

setValidityLength(validityLength)

Sets the length of time (in seconds) that the JWT is valid, which affects the expiration (exp) claim. Returned by the getValidityLength method. This method returns a NoAccess exception for JWTs generated using methods in the Auth.JWTUtil class. For these JWTs, the incoming JWT determines the validity length.

Signature

public void setValidityLength(Integer validityLength)

Parameters

validityLength
Type: Integer

Return Value

Type: void

toJSONString()

Generates the JSON object representation of the Claims Set as an encoded JWT payload.

Signature

public String toJSONString()

Return Value

Type: String