Generate JWTs With Vonage’s Online JWT Generator
Published on July 27, 2023

Introduction

Discover the untapped potential of the Vonage developer portal, a treasure trove of resources for developers. In addition to our documentation and insightful blog posts, the portal offers a range of powerful tools. One such gem is the Online JWT Generator, enabling seamless creation of JSON Web Tokens (JWTs) for Vonage applications. Unleash the power of JWTs in your development workflow with ease!

Introducing the Online JWT Generator

The online JWT Generator is an intuitive tool that empowers developers to instantly generate JWTs for Vonage applications, streamlining the setup process. This can be super useful when setting up Vonage applications. For instance, if you’re building with the Messages API, you can quickly test that you’ve set everything up properly just by sending SMS from your virtual number with a bash script like this:

curl -X POST https://api.nexmo.com/v1/messages \
  -H 'Authorization: Bearer '$JWT\
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -d $'{
          "message_type": "text",
          "text": "Testing Vonage Messages API.",
          "to": "'$TO_NUMBER'",
          "from": "'$FROM_NUMBER'",
          "channel": "sms"
}'

But notice that we need to add a $JWT to this operation to let Vonage know that this is a legitimate request, i.e. authenticated.

Effortless JWT Authentication

JWTs play a vital role in secure authentication for your Vonage applications. Learn best practices for secure authentication with JWTs in our comprehensive guide.

Creating a JWT

To create a JWT for your Vonage application, follow these simple steps:

Step 1: Access Your Vonage Dashboard

Open your Vonage Dashboard and navigate to the desired application. Once you’ve opened your application it should look something like this:

Vonage application in the developer dashboard.application-in-vonage-dashboard.png

Step 2: Retrieve the Application ID

Copy the APPLICATION ID from the dashboard and enter it into the generator:

Vonage JWT Generator With Application IDvonage-jwt-generator-with-application-id.png

The little prompt is already telling us that we’re missing something: our private key! What is a private key? This a unique alphanumeric code that is used to encrypt access.

Step 3: Obtain the Private Key

In order to get the private.key, we need to generate it. So click on “edit”. This will then open a page similar to this one.

Vonage application private key generationvonage-application-private-key-generation.png

Now under the authentication section, we can see that it talks about JWTs and using keys as signatures. We’ll want to click the button “Generate public and private key”. This will download a file called “private.key” to our computer. Be sure to save it securely where you will remember it.

It’s very important that even though you’ve downloaded your private.key, you need to save the new status of the application! Scroll to the bottom and click save. Each time a new key is generated, the old key is no longer valid. So you must be using the current, valid key.

Step 4: Open and Verify the Private Key

Open the private key file using a text editor (like VS Code or Sublime Text), ensuring no extraneous spaces or line breaks. The private key serves as a secure key to unlock access to your application's API endpoints. It should look something like this:

Vonage Private Key Examplevonage-private-key-example.png

Step 5: Generate a JWT with the Generator

We can now add the private key to the generator:

Vonage JWT Generator Complete Examplevonage-jwt-generator-complete-example.png

And now the generator will create a JWT instantly!

Final Thoughts

Enhance JWT Validity and Verification

To validate the integrity of your JWT, you can use jwt.io. These tools offer comprehensive JWT analysis and debugging capabilities, ensuring your tokens are valid and secure.

Bonus: Set JWT Permissions

If you'd like to grant certain permissions for a user, you can set the ACL in the JWT Generator. For example, to allow a user to be able to create/manage conversations as well as send/receive texts. images, and audio, the ACL would look like this:

ACL Options Exampleacl-options-example.png

There are many options for your JWTs, which you can explore here.

Vonage’s Developer Community

Join the Vonage developer community on the Vonage Community Slack. Collaborate with fellow developers, share insights, and exchange knowledge. Connect with us on Twitter for further assistance or inquiries.

Benjamin AronovDeveloper Advocate

Benjamin Aronov is a developer advocate at Vonage. He is a proven community builder with a background in Ruby on Rails. Benjamin enjoys the beaches of Tel Aviv which he calls home. His Tel Aviv base allows him to meet and learn from some of the world's best startup founders. Outside of tech, Benjamin loves traveling the world in search of the perfect pain au chocolat.

Ready to start building?

Experience seamless connectivity, real-time messaging, and crystal-clear voice and video calls-all at your fingertips.