Can anyone tell me how to generate and configure JWT token that works with OnlyOffice, from scratch, step by step, like for a three-year-old baby? I tried various methods and I keep getting “the document security token is not properly formed”. I use this generator: http://jwtbuilder.jamiekurtz.com/
You don’t need to generate a JWT (the T already stands for token).
You only need a JWT secret. This can be pretty much any string, but I recommend a 256 bit base64 encoded string.
head -c 32 /dev/urandom | base64
Doesn’t work. I am still getting that the security token is not properly formed. My configuration:
In Onlyoffice local.json:
“secret”: {
“inbox”: {
“string”: “78YsTwvZAo646cK0BRZn2yJYps26Wx4M7sfnvzTd0nY=”
},
“outbox”: {
“string”: “78YsTwvZAo646cK0BRZn2yJYps26Wx4M7sfnvzTd0nY=”
},
“session”: {
“string”: “78YsTwvZAo646cK0BRZn2yJYps26Wx4M7sfnvzTd0nY=”
}
In seahub_settings.py:
JWT_ENABLED = True
JWT_SECRET = ‘78YsTwvZAo646cK0BRZn2yJYps26Wx4M7sfnvzTd0nY=’
hi do you use onlyoffice with docker or not?
Try to remove the padding (the =).
I think this echoes @tschoes and can be found here:
From the JWT introduction: “The output is three Base64-URL strings separated by dots”.
Base64 has a number of different variants depending on where the encoding will be used. Typical MIME base64 will use
+/as the final two characters, but Base64-URL (RFC 4648 §5) is intended to be used in URLs and filenames, so uses-_instead.
Therefore a JWT will use the characters a–z, A–Z, 0–9, and
-_..
This simple page can be used to generate a random password string to be used as a JWT_SECRET.
I hope this helps.