This question is in reference to Atlassian Developer Documentation: JWT token
How can I debug the JWT token with the oauthSecret of the room I am in..if I only get the room_id after the debug. where do I know what oauthSecret to use? This is for multiple rooms installs, and this will give me multiple oauthId and oauthSecret
It's important to understand how HipChat works with add-on authentication. You're probably used to a global consumer/oauth ID/secret that you register when you want to obtain an OAuth token. In HipChat, there's no notion of a global consumer/oauth client. Instead, each installation of an add-on (per room or group level acct) is treated as a "tenant" (aka, an oauth consumer). In HipChat, each oauth consumer gets it's own id/secret pair. During the add-on install phase, you'll receive one of these id/secret pairs. You need to persist this pair to your database using the oauth id as your key.
Re: the JWT token... when your add-on needs to validate a JWT token, you first need to decode the claims without a secret (using your JWT library) – doing that will expose the oauth ID you need to look up the tenant in your database (this is stored in the `iss` claim). Once you've obtained the `iss`, look up the tenant in your database then retrieve the secret. You can now use this secret to decode and verify the signed JWT token which will expose all the other context information in the token.
...from the beginning. We have built up a lot of content in HipChat, with it being a core tool in our distributed company model. While it is true that we didn’t need to move to Slack immediately, we felt it...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs