SMART Test Suite

① The JWT Message

  • info_outline info

    The JWT message conforms the SMART Backend Service. These are the required fields:

    Audience (aud)
    The "aud" (Audience) field contains the value of the intended receiver of the message, in this case the URL where the access token shall be requested. The test suite will send the request to this endpoint.
    Issuer (iss)
    The Issuer (iss) field contains the client_id.
    Subject (sub)
    The Subject (sub) field contains the client_id.
    Issed at (iat)*
    The "iat" (issued at) claim identifies the time at which the JWT was issued.
    Expiration Time (exp)*
    The "exp" (expiration time) claim identifies the expiration time on or after which the JWT MUST NOT be accepted for processing.
    JWT ID (jti)*
    The "jti" (JWT ID) claim provides a unique identifier for the JWT.

    * fields are populated automatically.

  • vpn_key Sign with Private Key (RS512) instead of JWKS

    By default, the request will be signed with JWKS. However, it is also possible to configure a public key as a SMART backend service.

    Provide your private key below to sign the request with your private key. The private key will be sent to the server, but won't be saved.

② The OAuth Client Assertion

  • info_outline info_outline

    The OAuth Client Assertion conforms to the SMART Backend Service. These are the required fields:

    scope
    The OAuth scope for the requested access token.
    grant_type*
    Always set to client_credentials
    client_assertion_type*
    Always set to urn:ietf:params:oauth:client-assertion-type:jwt-bearer
    client_assertion*
    The signed JWT from step ①

    * fields are populated automatically.

③ Debugger