Skip to main content
To homepage To homepage

Can I create a JWT credential via an API?

ByrneReese
Community Manager
Forum|alt.badge.img+3

Users expecting to create JSON Web Token (JWT) credentials programmatically via an API may find that this is not possible. RingCentral does not provide an API endpoint for generating JWT credentials; instead, they must be manually created through the RingCentral Developer Console.

To create a JWT credential, follow these steps:

  1. Log in to the RingCentral Developer Console: Visit the RingCentral Developer Console and sign in with your account.

  2. Access Credentials: Click on your profile in the top-right corner and select Credentials from the dropdown menu.

  3. Create a New JWT Credential: In the Credentials section, select Create Credential, then choose JWT.

  4. Associate the JWT with an Application: Select the application that will use this credential. Ensure that it is configured to support JWT authentication.

  5. Generate and Save the JWT: Once created, securely store the JWT credential, as it will be required for authentication.

JWT authentication is best suited for server-to-server applications where no user interaction is required. It is particularly useful in trusted environments where secure storage of credentials is guaranteed. Additionally, JWT authentication eliminates the need for refresh tokens, simplifying authentication in backend applications.

For developers requiring API-based credential management, alternative authentication methods such as OAuth 2.0 Authorization Code Flow should be considered. It is also essential to securely store JWT credentials and avoid exposing them in client-side applications.

For more details on authentication methods, refer to the RingCentral Authentication Guide. If further assistance is needed, visit the RingCentral Developer Community or contact RingCentral support.

    Did this thread help you find an answer to your question?

    2 replies

    A
    • ameyer
    • New Participant
    • 2 replies
    • April 3, 2025

    I keep coming back to this question when thinking of my application’s use case. I feel I need to user user JWTs but I also need server side, impersonating user initiated actions. 

     

    Think of a scenario where I have recruiter type users. They use RingCentral’s features such that they can call and text applicants from within our app. But as well, when they are not logged in, we want our app to send notifications to talent (SMS) on behalf of the recruiter. Say a reminder to upload a document, etc. But we want this SMS to come FROM the recruiter so there is a continuous message history. Not some central system use number.

     

    I can solve this with User JWTs but that requires my user to login to a RIngCentral account we provision for them and create a JWT to supply to us (or manually have a super admin add them as a developer, create it for them, and upload the user JWT to our secure key vault). Not an ideal scenario.

     

    Am I over thinking this? Is there a better way to manage this type of long lived, impersonated type of user authentication?

    ByrneReese
    Community Manager
    Forum|alt.badge.img+3
    • ByrneReese
    • Author
    • Product Manager
    • 255 replies
    • April 4, 2025

    @ameyer Thank you so much for asking this question. JWT is an attractive option for many because it is so much easier to use, and especially get started with. But JWT doesn’t scale. It is hard to generate JWT credentials for all users. I know this sounds counterintuitive, but to be honest, that is partially by design. 

    JWTs are powerful. They give the bearer direct access to the account and bypass two-factor auth. They should be used sparingly, and with great care. 

    Auth token based OAuth is much more secure, and it provides a level of transparency to the user as to what can be done with their authorization. When it comes to granting systems the authority to act on their behalf, we feel this is very important. 

    Your use case really does call for the use of the auth token grant type or flow. 

    But here is one thing you may not have known:

    • Developer Admins do have the ability to generate JWT on behalf of someone else

    I am not here to tell you that you “shouldn’t use JWT.” Just to advise you. There are ways to make it work of course, but I am not personally a fan of the overhead required to do so. 

    You should consider looking into Workflow Builder. It offers admins the ability to automate SMS responses and messages on behalf of other users in their company. That might also have been a solution you may have overlooked. 

    Reply


    Most helpful members this week

    Terms & ConditionsCookie settings

    Cookie policy

    We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

     
    Cookie settings
    PRODUCTS
    RingEX
    Message
    Video
    Phone
    OPEN ECOSYSTEM
    Developer Platform
    APIs
    Integrated Apps
    App Gallery
    Developer support
    Games and rewards

    RESOURCES
    Resource center
    Blog
    Product Releases
    Accessibility
    QUICK LINKS
    App Download
    RingCentral App login
    Admin Portal Login
    Contact Sales
    © 1999-2024 RingCentral, Inc. All rights reserved. Privacy Notice