postman.hubat.net
. Having that, the following redirect has to be executed:redirect
as a query parameter named token
.application id
, redirect
and fallback
.token
query parameter appended and containing a RS256-signed JWT token, e.g.:applicationVersion
is the version of the app that generated the tokenapplication
is the application id that generated the token, it must match the application that requested the application tokeniss
(issuer) is the address of the PDA that has created the token and that you should be logging inexp
(expiry) Unix timestamp the token was created, defining whether the token is still validiat
(issued at time) Unix timestamp the token was issued, used to calculate if 30 days have lapsed since the time the token was first issued/publickey
endpoint of the PDA (e.g. https://postman.hubat.net/publickey
). The precise handling of tokens with asymmetric keys will depend on your library; however you need to make sure that your library supports RS256 keys.