Json Web token - JWT Generator

✅

Link to the plugin page: https://zeroqode.com/plugin/json-web-token---jwt-generator-plugin-for-bubble-1739490824138x661465051070628600

Demo to preview the plugin:

✅

Live Demo: https://rapidevplugins2.bubbleapps.io/jwt_generate_demo

✅

Bubble Editor: https://bubble.io/page?version=live&id=rapidevplugins2&name=jwt_generate_demo&tab=Design&type=page

Introduction

This plugin has been recently acquired by Zeroqode - please bear with us while we review the code and make improvements/fixes where necessary.

This plugin allows you generate Json Web Tokens (JWTs) within your Bubble application.

These are often used to authenticate with third party applications/APIs.

The plugin runs on the server an allows you to generate and sign JWTs for the following algorithms: HS256, HS384, HS512, RS256, RS384, RS512, ES256, ES384, ES512

You can set the payload of the JWT, the expiration time, time before it becomes valid and the secret key to sign the JWT.

For the RSA and ECDSA algorithm you will have to use an encoded private key. You also have access to the "Verify JWT" action which allows you to decode and check the validity of a JWT.

Usage Features:

Generate and sign JWTs using various algorithms like HS256, RS512, ES256, and more directly within your Bubble application

Set custom payloads, expiration, and validation windows to tailor token behavior to your app’s authentication flow

Choose from symmetric (HS) or asymmetric (RS/ECDSA) algorithms — including support for encoded private keys

Verify tokens with built-in JWT validation, allowing you to decode and check token authenticity inside workflows

Use for secure API communication, external service authentication, or encrypted user session handling

Lightweight and secure, fully executed on the server for enhanced protection and performance

Flexible integration into any Bubble app, supporting complex auth flows and external system interoperability

Maintained by Zeroqode, with improvements and refinements expected for long-term support

How to setup

Generate a JWT

Go to the Workflow tab.

Add an action → Plugins → Generate A JWT.

Enter:

Payload → e.g. { "userId": 123 }
Secret → your secret key

Save the JWT token result for use in API calls or storage.

Verify a JWT

Go to the Workflow tab.

Add an action → Plugins → Verify JWT.

Enter:

Token → the JWT string you want to verify
Secret → your secret key

Use the returned decoded payload as needed.

Generate a JWT With Expiration and Not Before Time

Go to the Workflow tab.

Add an action → Plugins → Generate A JWT With Expiration And Not Before Time.

Enter:

Payload
Secret → your secret key
Expiration Time (seconds)
Not Before Time (seconds)

Use the generated token wherever needed.

Workflow → JWT With Expiration and Not Before Time.

Generate a JWT With Timestamp

Go to the Workflow tab.

Add an action → Plugins → Generate A JWT With Timestamp.

Enter:

Payload → your JSON data (timestamp will be added automatically)
Secret → your secret key

Save or use the JWT token that includes a timestamp.

Title	Description	Type
Payload	A valid JSON Payload	Text
Secretkey	A string, buffer, or object containing either the secret for HMAC algorithms or the PEM encoded private key for RSA and ECDSA	Text
Algorithm	Digital Signature or MAC Algorithm Available options: HS256, HS384, HS512, RS256, RS384, RS512, ES256, ES384, ES512, none	Dropdown

Title	Description	Type
Jwt	JWT (JSON Web Token) is a compact, URL-safe means of representing claims to be transferred between two parties as a JSON object.	Text
Error	In the context of a software plugin or API, an “error” refers to a deviation from the expected behavior or output due to a mistake or issue in the code execution.	Text

Title	Description	Type
JWT	The JWT you want to verify	Text
Secretkey	The secret key used to sign the JWT	Text

Title	Description	Type
Decoded	“Decoded refers to the process of converting encoded data into its original format within a software plugin or API.”	Text
Error	An error in software refers to an unexpected or incorrect condition that disrupts the normal execution of a program, often resulting in failure to complete a task or function.	Text

Title	Description	Type
Payload	A valid JSON Payload	Text
Secretkey	A string, buffer, or object containing either the secret for HMAC algorithms or the PEM encoded private key for RSA and ECDSA	Text
Algorithm	Digital Signature or MAC Algorithm Available options: HS256, HS384, HS512, RS256, RS384, RS512, ES256, ES384, ES512, none	Dropdown
Expiresin	S. Eg: 60, “2 days”, “10h”, “7d”. Be sure you provide the time units (days, hours, etc), otherwise milliseconds unit is used by default (“120” is equal to “120ms”).	Text
NotBefore	S. Eg: 60, “2 days”, “10h”, “7d”. Be sure you provide the time units (days, hours, etc), otherwise milliseconds unit is used by default (“120” is equal to “120ms”).	Text

Json Web token - JWT Generator

Demo to preview the plugin:

Introduction

How to setup

Plugin Actions

Generate a JWT

Verify JWT

Generate a JWT with Expiration and not before time

Generate a JWT with Timestamp

Changelogs

Update 16.07.25 - Version 1.13.0

Update 26.06.25 - Version 1.12.0

Update 23.06.25 - Version 1.11.0

Update 23.06.25 - Version 1.10.0

Update 31.05.25 - Version 1.9.0

Update 17.02.25 - Version 1.8.0

Update 20.08.24 - Version 1.7.0

Update 13.10.23 - Version 1.6.3

Update 13.10.23 - Version 1.6.2

Update 12.10.23 - Version 1.6.1

Update 19.09.23 - Version 1.6.0

Update 13.09.23 - Version 1.5.4

Update 08.09.23 - Version 1.5.3

Update 17.07.23 - Version 1.5.2

Update 12.01.23 - Version 1.5.1

Update 03.01.23 - Version 1.5.0

Update 26.05.22 - Version 1.4.0

Update 15.05.22 - Version 1.3.1

Update 08.07.21 - Version 1.3.0

Update 16.05.21 - Version 1.2.0

Update 15.05.21 - Version 1.1.0

Update 14.05.21 - Version 1.0.0