REST API with JWT token Auth

Hi all

Just wondering if anyone has implemented an API endpoint on LC with JWT signed token with a pub/private key. I cannot see it in the UI/guides (OAUTH or bearer only options) and this might be possible using these.

Any input would be really appreciated.


Morning Simon,

Could you please let me know what Create version you are using?

We’ve recently added OAuth:

  • Grant type: Client credentials
  • Client authentication method: JWT signed using private key

Available in 22.3, patch 2022.3.558 and 2023.1.91

Many Thanks

Thanks Adam - Currently on 2022.1 and about to upgrade - will try this again once I am up to 2023.1


Hi Adam - I am now on 2023.1 in build but not seeing the OAUTH in Endpoint or Functions to build a Generic REST API solution - are you able to point me to some academy info or help direct.

Build a Liberty Create Interface that a LibCreate user can create a selection of data key and value pairs and enable them to be visible on an external REST API. The REST API will need to use JWT authentication and rotation with a third party for them to collect the latest array of data values.

Currently testing on POSTMAN and getting a 403 response.
When set up as a liberty Create API getting good test responses internally but nothing externally.
Have now set up as a Generic API

Hello. I’m not entirely sure I understand what you’re trying to do, but the OAuth settings are on the API Connection page (e.g. Outbound) rather than in Endpoint or Functions (e.g. Inbound).

There’s a tickbox for “Enable OAuth 2.0” that will then allow you to configure the details.

To be clear, is the Liberty Create application sending the API request, or receiving it?

Hi Scott

The solution is to provide an API interface so would be Receiving a Call from an external application.

Apologies Simon,

Your request came in at the same time as we were adding this feature to the outbound side of Create, as such it appears as though I misunderstood the assignment here.

As it happens we have implemented a custom JWT Auth method using code studio that can be used to validate inbound requests, although it requires multiple components to implement.

We have a custom authentication processor which validates the issuer from a set of known issuers configured in a variable. We download and maintain a copy of the signature from the approved issuers and use it to validate the request. Our script also allows you to limit the claims to within a declared set of values.

We cannot action any of the claims in the request, but if mirrored in the data or header we can ensure they match as part of the validation.

JSON Object containing approved keys and values that must be present and correct within received JWT tokens.

Top Level Key is URL encoded issuer.


  "https%3A%2F%2Fsubdomain.domain.tld%2Fauth%2Frealms%2Fmy-realm": {
    "active": true,
    "claims": {
      "typ": ["Bearer"],
      "azp": ["realm-origin"]
    "key": {
      "keys": {
        "0": {}

This method has been Pen-Tested and is running live elsewhere with no issues.

If this is of interest to you, please let me know and we can arrange a call to discuss.
You will need at least a days consultancy for us to help you implement.

Many thanks Adam