TsgcHTTP_JWT_Client › Properties › JWTOptions
Token configuration: algorithm, signing key material, standard claims and custom header/payload entries.
property JWTOptions: TsgcHTTP_JWT_Client_Options read FJWTOptions write SetJWTOptions;Header.alg=jwtHS256; RefreshTokenAfter=0 (token regenerated on every request); all other string/integer claims empty.
Publishes everything required to build and sign a JSON Web Token (RFC 7519). The sub-objects map 1:1 to the JWT wire format:
alg (jwtHS256/384/512, jwtRS256/384/512, jwtES256/384/512); optional typ and kid. Call Header.AddKeyValue to add any extra field.iss (issuer), sub (subject), aud (audience), exp (expiration, Unix time), nbf (not-before), iat (issued-at), jti (JWT ID). Custom claims are added via Payload.AddKeyValue.Header.alg:
HS.Secret – shared secret for HMAC (HS256/384/512).RS.PrivateKey – PEM-encoded RSA private key for RS256/384/512.ES.PrivateKey – PEM-encoded ECDSA private key for ES256/384/512.Sign automatically refreshes iat and recomputes exp = iat + RefreshTokenAfter; leave at 0 to regenerate the token on every request.APIVersion, LibPath, LibPathCustom, UnixSymLinks) used by the RS and ES algorithms.There is no Issuer/Audience/Expiration property at the root of JWTOptions; those RFC 7519 claims are set via Payload.iss, Payload.aud and Payload.exp respectively.
oJWT.JWTOptions.Header.alg := jwtHS256;
oJWT.JWTOptions.Algorithms.HS.Secret := '79F66F1E-E998-436B-8A0A-3E5DEFA4FD9E';
oJWT.JWTOptions.Payload.iss := '2886EC7547B7BA6A9009';
oJWT.JWTOptions.Payload.sub := '1234567890';
oJWT.JWTOptions.Payload.iat := 1630925658;
oJWT.JWTOptions.Payload.exp := 1630933158;
oJWT.JWTOptions.Payload.AddKeyValue('origin', 'www.yourwebsite.com');
oJWT.JWTOptions.RefreshTokenAfter := 60 * 40;