JWT Client

Mint, sign and verify JSON Web Tokens from Delphi/C++Builder. HMAC, RSA and ECDSA signatures, PASETO-style encrypted JWE, automatic refresh and easy integration with TsgcHTTP2Client / TsgcHTTPComponentClient.

TsgcHTTP_JWT_Client

Sign HS256/HS384/HS512, RS256/RS384/RS512, ES256/ES384, EdDSA tokens; decode incoming JWTs; auto-refresh near expiry; pair with the HTTP and HTTP/2 clients via Authentication.Token.JWT.

Component class: TsgcHTTP_JWT_Client
Protocol: RFC 7519 (JWT)
Platforms: Windows, macOS, Linux, iOS, Android
Edition: Professional / Enterprise

Configure header + payload, sign, attach

Set Header.alg, Payload.iss / iat / exp, load the signing key, then attach the JWT client to your HTTP / HTTP/2 / WebSocket component as the bearer-token source.

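Delphi

uses
  sgcHTTP, sgcBase_Helpers;

var
  JWT: TsgcHTTP_JWT_Client;
begin
  JWT := TsgcHTTP_JWT_Client.Create(nil);
  try
    // Header: signing algorithm and the key id the verifier uses to select the public key
    JWT.JWTOptions.Header.alg := jwtES256;
    JWT.JWTOptions.Header.kid := 'apple-key-id';
    // Payload: issuer and issued-at (Unix time)
    JWT.JWTOptions.Payload.iss := 'team-id';
    JWT.JWTOptions.Payload.iat := StrToInt64(GetDateTimeUnix(Now, False));
    // ES256 private key; keep the .p8 file out of source control
    JWT.JWTOptions.Algorithms.ES.PrivateKey.LoadFromFile('AuthKey_XXX.p8');
    JWT.JWTOptions.RefreshTokenAfter := 40 * 60; // auto-mint every 40 min

    ShowMessage(JWT.Token);
  finally
    JWT.Free; // created with a nil owner; free it once no component uses it
  end;
end;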
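
C++Builder

// uses: sgcHTTP
// Owned by the form (this), so the owner releases it
TsgcHTTP_JWT_Client *JWT = new TsgcHTTP_JWT_Client(this);
// Header: signing algorithm and key id
JWT->JWTOptions->Header->alg = jwtES256;
JWT->JWTOptions->Header->kid = "apple-key-id";
// Payload: issuer
JWT->JWTOptions->Payload->iss = "team-id";
// ES256 private key; keep the .p8 file out of source control
JWT->JWTOptions->Algorithms->ES->PrivateKey->LoadFromFile("AuthKey_XXX.p8");

ShowMessage(JWT->Token);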

What's inside

A typed JWT mint-and-verify component with HMAC, RSA, ECDSA and EdDSA signatures, automatic refresh and a clean handoff to the HTTP / HTTP/2 / WebSocket components.

Algorithms

JWTOptions.Header.alg selects HS256/384/512, RS256/384/512, ES256/384/512, PS256/384/512 or EdDSA. Keys are loaded from PEM, P8 or in-memory streams.

Standard claims

JWTOptions.Payload.iss, sub, aud, exp, nbf, iat, jti are typed properties matching RFC 7519 — plus a free-form CustomClaims for vendor extensions.

Auto refresh

RefreshTokenAfter tells the component to mint a new JWT after N seconds — useful for APNs ES256 tokens that Apple expects rotated within an hour.

Decode & verify

Decode(token) parses an inbound JWT and verifies the signature against the configured keys; OnVerify fires with success/failure and the parsed payload.

JWE support

Encrypted JWTs (JWE) per RFC 7516 are supported: AES-CBC, AES-GCM, RSA-OAEP and ECDH-ES key wrapping.

Drop-in for HTTP/2

Pair with TsgcHTTP2Client or TsgcHTTPComponentClient by setting Authentication.Token.JWT — every outbound request gets a fresh signed bearer token.
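
The Auto refresh and Decode & verify behaviour described above, sketched as an added Python example; it is not sgcWebSockets code and does not use the component's API. It swaps the page's ES256 for standard-library HS256, and the names mint, verify, RefreshingToken, MAX_AGE and SKEW are assumptions made for illustration.

```python
import base64, hashlib, hmac, json

# HS256 stands in for the page's ES256 so the example needs only the standard library.
ALG = "HS256"    # pinned by the verifier; the token header never chooses the algorithm
MAX_AGE = 3600   # assumption: receiver rejects tokens minted more than an hour ago
SKEW = 60        # assumption: tolerated clock skew in seconds

def _b64e(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def _b64d(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def _sign(key, signing_input):
    return hmac.new(key, signing_input.encode(), hashlib.sha256).digest()

def mint(key, iss, now):
    """Build header.payload.signature with the iat claim set to `now`."""
    parts = [{"alg": ALG, "typ": "JWT"}, {"iss": iss, "iat": now}]
    signing_input = ".".join(
        _b64e(json.dumps(p, separators=(",", ":")).encode()) for p in parts)
    return signing_input + "." + _b64e(_sign(key, signing_input))

def verify(token, key, now):
    """Return the payload, or raise ValueError naming the failed check."""
    try:
        h64, p64, s64 = token.split(".")
        header, sig = json.loads(_b64d(h64)), _b64d(s64)
    except ValueError:   # wrong part count, bad base64 or bad JSON
        raise ValueError("malformed token") from None
    if not isinstance(header, dict) or header.get("alg") != ALG:
        raise ValueError("unexpected alg")
    if not hmac.compare_digest(sig, _sign(key, h64 + "." + p64)):
        raise ValueError("bad signature")
    payload = json.loads(_b64d(p64))   # parsed only after the signature checks out
    iat = payload.get("iat") if isinstance(payload, dict) else None
    if not isinstance(iat, int) or iat > now + SKEW or now - iat > MAX_AGE:
        raise ValueError("stale or future iat")
    return payload

class RefreshingToken:
    """Caches one token and re-mints it once refresh_after seconds have passed."""
    def __init__(self, key, iss, refresh_after):
        self.key, self.iss, self.refresh_after = key, iss, refresh_after
        self._token, self._minted = None, 0

    def token(self, now):
        if self._token is None or now - self._minted >= self.refresh_after:
            self._token, self._minted = mint(self.key, self.iss, now), now
        return self._token
```

With refresh_after set to 40 * 60, as in the sample above, a cached token is always replaced well before the verifier's one-hour age limit would reject it.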

Specifications & references

Authoritative sources for the standards this component implements.

Documentation & Demos

Deep-link to the component reference, grab the ready-to-run demo project, and download the trial.

Online Help — TsgcHTTP_JWT_Client: Full property, method and event reference for this component.
Demo Project — Demos\20.HTTP_Protocol\05.JWT: Ready-to-run example project. Ships inside the sgcWebSockets package — download the trial below.
Technical Document (PDF): Features, quick start, code samples for Delphi & C++ Builder and primary-source references, for this component only.
User Manual (PDF): Comprehensive manual covering every component in the library.

Ready to Mint Signed JWTs?

Download the free trial and add JWT signing to your Delphi applications.