JWTRule

    Examples:

    Spec for a JWT that is issued by , with the audience claims must be either bookstore_android.apps.example.com or bookstore_web.apps.example.com. The token should be presented at the Authorization header (default). The JSON Web Key Set (JWKS) will be discovered following OpenID Connect protocol.

    This example specifies a token in a non-default location (x-goog-iap-jwt-assertion header). It also defines the URI to fetch JWKS explicitly.

    JWTHeader

    This message specifies a header location to extract JWT token.

    FieldTypeDescriptionRequired
    namestring

    The HTTP header name.

    		Yes
    prefix

    The prefix that should be stripped before decoding the token. For example, for “Authorization: Bearer ”, prefix=“Bearer ” with a space at the end. If the header doesn’t have this exact prefix, it is considered invalid.

    		No