Therefore JWT Generator

JWT Settings

Issuer (iss) * Must match the issuer value configured in Therefore

Audience / Customer ID (aud) * Your Therefore tenant Customer ID

Secret *

Minimum 32 characters - must match Therefore configuration

User Settings

Identity Claim Type Windows Account Name is the recommended identity claim for Therefore

Username * User account with rights to the category/case

Domain (optional) Leave empty for local accounts

Scope

therefore_user — Full access using the user's existing Therefore permissions

therefore_read — Read-only access using the user's existing permissions

therefore_specific — Uses granular permissions defined in JWT claims (the:ctgry, the:casedef, etc.)

Object Permissions

Configure permissions for specific Therefore object(s) required. Leave ID empty to exclude from token.

Category (the:ctgry)

Category ID

Permission Value

Case Definition (the:casedef)

Case Definition ID

Permission Value

Case (the:case)

Case ID

Permission Value

Document (the:doc)

Document ID

Permission Value

Workflow Instance (the:wfinst)

Format: InstanceNo:TokenNo:Permission

Instance ID

Token No

Permission Value

eForm (the:eform)

eForm ID

Permission Value

Indexing Profile (the:ixprof)

Indexing Profile ID

Permission Value

Token Validity

Not Before (nbf) *

Unix: -

Expiry (exp) *

Unix: -

Include Issued At (iat) - uses current time

Quick expiry:

JWT Decoder

Paste an existing JWT to decode and inspect its contents.

JWT Token

Therefore JWT Generator

JWT Settings

User Settings

Permission Calculator

General / Admin Permissions

Document Permissions

Workflow Permissions

Category Field Permissions

Object Permissions

Category (the:ctgry)

Case Definition (the:casedef)

Case (the:case)

Document (the:doc)

Workflow Instance (the:wfinst)

eForm (the:eform)

Indexing Profile (the:ixprof)

Token Validity

Generated JWT

JWT Decoder