JWT format

JWT is a JSON Web Token

Please consult for more information about the JWK specification.

The website is a helper to decrypt and validate JWTs.

Each request to "" contains a JWT with attributes (claims):

[subject] who initiated the operation (employee, technical user)
[object] a user to be manipulated, of 2 natures:
1. key keeper (for identification and processing accounts)
2. customer

An example of JWT token payload:

{
  "flow": "sign-in" // enum - see below
  "obj": "123456789", // object
  "sub": "employee@email.com", // subject
  "iat": 1684501806, // issued at
  "exp": 1684501806, // expires at
}

JWT can be validated against a public key by kid (key list is published at /api/v1/.well-known/jwks.json). For testing purposes you can use an attached key (below) to validate the sample JWT (from above).

Parameter flow can have the following values:

sign-in - authorization of client's operation (for example, payment);
sign-up - creation of a new client or account;
sign-up-processing - creation of a processing account;
sign-up-emission - creation of an identification account;

PreviousBank authorization NextEmlpoyee

Last updated 1 year ago