Settings

Manage the authentication token

Configure JWT token

JWT Token

Provide the JWT token validated by the API. It must include the following claims: sub (user ID), tenant (optional), and roles/scope (optional).

Could not fetch the current user information.

Define which roles can modify sensitive fields, workflow steps, or automations.

JWT token format: header.payload.signature

The token must include the following claims:

sub - User ID (required)
tenant - Tenant ID (optional; defaults to AUTH_DEFAULT_TENANT if omitted)
roles or scope - Roles: admin or operator (optional; default: operator)

The token is signed with the AUTH_JWT_SECRET key.