Introduction

The JSON Web Token (JWT) Single Sign-on (SSO) plugins are designed to work in a pair and enable authentication in Joget using a JSON Web Token payload to allow users to single sign-on (SSO) to Joget using another Joget as the Identity Provider (IdP).

The solution comes in 2 types of plugins and 1 Joget application.

You can find the plugin's source code at:

GitHub: JWT SSO Directory Manager
GitHub: JWT SSO Web Service (including the Joget application)

Plugin information

This plugin is compatible with Joget DX 8.

Get Started

Prerequisites

You should have at least 2 Joget environments/instances installed and running.

Where to get the plugin

You can download the JWT SSO Directory Manager and JWT SSO Web Service plugin from
JogetOSS Github Repository (Directory Manager) and JogetOSS Github Repository (Web Service).

How to install

Click Download on this plugin screen (It will be a .jar file).
Go to your Joget localhost or server. In the Joget Console, go to Admin Bar > Systems Settings > Manage Plugins and click the Upload Plugins button.
Under Upload Plugin, select the plugin .jar file you downloaded and click Upload.
Depending on the plugin type, you can now view your new plugin in your form, List, or UI Builder.
Remember to uninstall the old plugin before uploading a new version.
The Joget Knowledge Base has more information on managing and developing plugins.

How to use it

Setting up the Joget as Identity Provider (IdP)

Install the "jwt-sso-webservice-8.0-SNAPSHOT.jar" plugin.
Import the "APP_jwtsso.jwa" app, and publish the app.

Setting up Joget as the client

This plugin requires Joget Enterprise Edition.
One Joget IdP instance can support several Joget instances acting as the client.

Install "the jwt-sso-directory-manager-8.0-SNAPSHOT.jar" plugin.
Go to Directory Manager Settings, and select the JWT SSO Directory Manager plugin.
Copy the Callback URL shown in the Plugin Configuration screen.
Launch the JWT SSO App in the Joget acting as the IdP, go to Manage Clients > New, fill in a unique Client ID, and paste the Callback URL from Step 3 in the Callback URL field and click Save.
Go back to Manage Client and click on Edit on the client that you have just added, copy the Server URL, Client ID, and Public Key under the Client Config section.
Go back to the JWT SSO Directory Manager Plugin Configuration in the Joget acting as the client, and paste the values copied from Step 5 into the respective fields. You click Next to configure the Login button, or click Submit to save the configuration.

Setting up Security Enhanced Directory Manager

To set up more user security settings, such as password policies and Multi-Factor Authentication (MFA), in Joget acting as the Identity Provider (IdP), go to Directory Manager Settings, and select the Security Enhanced Directory Manager plugin.

Marketplace Knowledge Base > JSON Web Token Single Sign-On > Joget-DX-SEDM.png

Security Enhanced Directory Manager

Download plugin

Download the demo app and plugins for JSON Web Token (JWT) Single Sign-On (SSO) plugin:

Download Sample App

APP_kb-dx8_JSONWebTokenSingleSign-On.jwa