JWT Digital Signature

JWT (JSON Web Tokens) consist of three parts separated by dots(.), which are header, payload, signature.
Below are steps on how to generate JWT signature.
Click Show to view Code Snippet
A. If you use code to create JWT Digital Signatures, do the following steps:
Construct a JWT header in this format:
Base64url encode the JWT header, which results like this:

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9
Create a JWT Payload in this format (JSON):
Example for OGP H2H - Get Balance Request
JWT Payload depends with the REST Body Payload, also exclude signature field when creating signature
Base64url encode the JWT payload, which results in the following:

eyJjbGllbnRJZCI6IklEQk5JVTBGT1JFSlBXQT0
9IiwiYWNjb3VudE5vIjoiMDExNTQ3NjExNyJ9
Encoded header, the encoded payload, a secret, and sign that with HMAC SHA256 algorithm, for example:
HMACSHA256(base64urlEncode(header)+”.”+base64urlEncode(payload), API Secret Key)
Putting All together base64url string separated by dots, which results in the following
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9. eyJjbGllbnRJZCI6IklEQk5JVTBGT1JFSlBXQT0
9IiwiYWNjb3VudE5vIjoiMDExNTQ3NjExNyJ9. 7tc8PITculm0oLb4UqXaRq9-T9Lyy3crVH8yRMGOesw

Code Snippet (PHP Programming)

// Create token header as a JSON string
$header = JSON_encode([
  'typ' => 'JWT',
  'alg' => 'HS256'
]);
// Create token payload as a JSON string
$payload = JSON_encode([
  'clientId' => 'IDBNIU0FOREJPWA==',
  'accountNo' => '0115476117'
]);
// Encode Header to Base64Url String
$base64UrlHeader = str_replace(
  ['+', '/', '='], ['-', '_', ''], base64_encode($header)
);
// Encode Payload to Base64Url String
$base64UrlPayload = str_replace(
  ['+', '/', '='], ['-', '_', ''], base64_encode($payload)
);
// Create Signature Hash
$signature = hash_hmac(
  'sha256', $base64UrlHeader.".".$base64UrlPayload, '(your-API-key-secret)', true
);
// Encode Signature to Base64Url String
$base64UrlSignature = str_replace(
  ['+', '/', '='], ['-', '_', ''], base64_encode($signature)
);
// Create JWT
$jwt = $base64UrlHeader.".".$base64UrlPayload.".".$base64UrlSignature;
echo $jwt;
B. You can also use jwt.io to create API signatures, below are the steps:
Make sure the header field is as follows:
 jwt-header
Copy paste your JSON request body in Payload field:
Example for OGP H2H - Get Balance Request
JWT Payload depends with the REST Body Payload, also exclude signature field when creating signature
jwt-payload
Copy paste your API secret key in Verify signature field,
leave checklist empty:
 jwt-secret
Your message signature can be found in Encoded field:
 jwt-result
C. if you're testing in sandbox, you can use API "jwtCreator" in API utility:
Use the following value for header:
Copy paste your JSON body request inside body field:
Example for OGP H2H - Get Balance Request
JWT Payload depends with the REST Body Payload, also exclude signature field when creating signature
Copy paste your API key (not API secret key) in "x-api-key" field
Make sure API utility is checked when creating application, if not, edit your application then check API utility

Request Example

{
"header" :
    {
        "alg": "HS256",
        "typ": "JWT"
    },

"body" :
    {
        "clientId":"IDBNISExN",
        "accountNo":"0115476151"
    },

"x-api-key":"336aabf8-9075-4e79-8fed-44e328e8e0c2"
}

Response (Success)

{
  "signature": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjbGllbnRJZCI6IklEQk5JU0V4TiIsImFjY291bnRObyI6IjAxMTU0NzYxNTEifQ.XnkUMMFR81G0yT_iX1MhsbpjDyIhC1m-MTD_nNrPIhY"
}