# JWT credentials

You can use these credentials to authenticate the following nodes:

- [JWT](#)


## Supported authentication methods

- Passphrase: Signed with a secret with HMAC algorithm
- Private key (PEM key): For use with [Private Key JWT](https://auth0.com/docs/get-started/authentication-and-authorization-flow/authenticate-with-private-key-jwt) with RSA or ECDSA algorithm


## Related resources

Refer to the [JSON Web Token spec](https://datatracker.ietf.org/doc/html/rfc7519) for more details.

For a more verbose introduction, refer to the [JWT website Introduction to JSON Web Tokens](https://jwt.io/introduction). Refer to [JSON Web Token (JWT) Signing Algorithms Overview](https://auth0.com/blog/json-web-token-signing-algorithms-overview/) for more information on selecting between the two types and the algorithms involved.

## Using Passphrase

To configure this credential, select the **Key Type** of **Passphrase**:

- **Key Type**: **Passphrase**
- The Passphrase **Secret**
- Select the **Algorithm** used to sign the assertion. Refer to [Available algorithms](/guides/automated-workflows#available-algorithms) below for a list of supported algorithms.


## Using private key (PEM key)

To configure this credential, select the **Key Type** of **PEM Key**:

- **Key Type**: **PEM**
- A **Private Key**: Obtained from generating a Key Pair. Refer to [Generate RSA Key Pair](https://auth0.com/docs/secure/application-credentials/generate-rsa-key-pair) for an example.
- A **Public Key**: Obtained from generating a Key Pair. Refer to [Generate RSA Key Pair](https://auth0.com/docs/secure/application-credentials/generate-rsa-key-pair) for an example.
- Select the **Algorithm** used to sign the assertion. Refer to [Available algorithms](/guides/automated-workflows#available-algorithms) below for a list of supported algorithms.


## Available algorithms

This Mosaic Workflows credential supports the following algorithms:

- `HS256`
- `HS384`
- `HS512`
- `RS256`
- `RS384`
- `RS512`
- `ES256`
- `ES384`
- `ES512`
- `PS256`
- `HS384`0
- `HS384`1
- `HS384`2