...
| Tip |
|---|
Sample appYou can take a look at our sample app for guidance on configuring the authentication between your app and CMJ Cloud. See how the the sample app authenticates in our public repository. |
...
Invocations of app SPI endpoints by CMJ Cloud are secured via JWT authentication. CMJ Cloud will invoke the app only using "HTTPS" and will validate the server certificate provided by the app. The app must verify the signature of the provided JWT token , using a publicKey‘publicKey’. This public key can be obtained by calling the SPI Keys API, hosted on CMJ Cloud. You need to must pass the key ID (kid) , included in the JWT header when making the call. The public key is the Base64 representation of DER-encoded X.509.
...