welcome back guys in this video i will demonstrate how we can generate a jwt token using java language so let me just navigate directly to the eclipse ide so i will be generating a jwt token using a certificate in my previous video i have already demonstrated how we can create a self-signed certificate and to wrap up things quickly and not wasting much time on the setup of the eclipse i've already created a java class named jwt token creator and i've already imported all the libraries which will be required as part of this particular demo now let us see first of all i will be creating an input stream which is of type file input stream and here i will be passing the path of the certificate which we created in our last session so let me just go back to that particular path i'll copy this and paste it over here and this is the certificate which i need to generate a jwt token so i will be using this particular input stream as a certificate in my code moving forward as of now let me just mention the password which was used to create that certificate just for the demo i just used random values so you guys can follow the best practices while you are coding this i give the alias name as client now i will be using the keystone library to get the instance i'm using the default type now i will be loading my keystore with the parameters which is my input stream in this case and my password for that input stream certificate coming to the next part i will be setting an expired date for my token first of all i get the current time start so now i will be specifying the duration for which my certificate will be valid i will be using current time for that so i'll add plus we have minutes over here yes so i'll add five over here and this will be system default now they will there are certain parameters which we need to set as part of creating the jwt token for example the expiry date you know it's by time sorry for the token and if certain alias are required to be to be incorporated in that particular token to for the security purpose actually so for that purpose what i'm going to do is i'll create a map over here which will accept two parameters string and an object i will give the name as claims and i will also show you the difference what will happen if i don't use this map so so let me see my sub parameter is alias my second parameter is the expiry time i think this should be good so moving on to the next step next step is generating the token so all the parameters which we have set on top will be used now to generate that token so i will be using uwt start builder to build the token so first of all i will be setting a header parameter where i will specify the algorithm we will be using rs 256 as part of this demo then i will be setting another header parameter which will be type and known as jwt and i need to set the claims which we have initialized on top then the next part is i need to so i need to sign not set so i will be signing this with the algorithm first as i said we will be using rs256 and i will pass the key over here so did we declare the key on top i think we missed it somehow so we also need to fix the key from that keystore so let me write that piece of code over here so my keystone name is keystore itself dot get key and this accepts two parameters first one is the alias and the second one is the password okay and here my key is passed then i will be using dot compact compact function so as i said i will be demonstrating first if i don't use claims what happens so let me just comment this piece of code and once i run this code i get an exception saying that either a payload or claims must be specified now let's just uncomment that piece of code and see if it works now so this is the token which is generated using the certificate which we created in our last session and the above java code so we also need to verify whether this token is a valid token or not so let me just copy this entire token and we will be heading towards jwt dot io and so let me refresh the page so that there is no confusion that i have set some configurations so let me select rs 256 over here yeah it is this is the default token which is present i will replace that with my token so this is the one ui ghb let's just verify once again yes so as of now the website says that the signature is invalid now i will go back to my certificate and i will open this particular file which contains the primary key sorry public key for my certificate so i will copy this as it is and i will paste it over here i think i did not copy this so as soon as i copy the certificate over here it says the signature verified so this also suggests that the token which i've pasted over here is a valid token so this is how we can generate a valid jwt token using a certificate and java language these are the jars which i have used for this particular demo and moving forward in my next session i will be trying to post a video on how we can generate this dwt token and service now as well so thank you so much for watching