Authentication with Client Assertion (JWT)

Table of contents

  • Introduction
  • Guide


Alumio supports authentication via Client Assertion since version 3.53.0. By using Client Assertion during authenticating with integration it becomes possible to fetch an access token for the API of integration.


  1. Create a new authentication.
  2. Select OAuth2 authentication.
  3. Select the “Client assertion” provider.
  4. Select the “JWT” assertion type.
  5. Fill in the token URL, client ID, and scope.
  6. Add one field under “Additional fields used to get a token.”
  7. Add “tenant” as the key, and the provided “Directory (tenant) ID” as the value.
  8. Select “RS256” as an algorithm.
  9. Fill in the private key (Tip: use an encrypted environment variable).
  10. Must be the text contents of the private key file.
  11. Under Payload.
  12. Use the client id as value for Issuer, and Subject.
  13. Use the token URL as the value for Audience.
  14. Use an expiration time of 3600 seconds.
  15. Under Header.
  16. Check “Include x5t header”.
  17. Fill in the certificate.
    1. Must be the text contents of the certificate file.
  18. Under advanced.
  19. Configure logging and a custom HTTP client, if required.
  20. Click “Retrieve an access token key”.
  21. Save the HTTP authentication.