How can i generate a NEW JSON Web Token for WorkSpace on Ubuntu?!

h3llo · 15 January 2025 06:57

Hello Guys,

I have Onlyoffice installed and succesfully running on Ubuntu 24.04
Everything works fine also my 172 character JWT API token works fine!

But how can i generate a NEW 172 character JWT API token?

in /etc/onlyoffice/documentserver/local.json

i only see this 32 character key:

  "secret": {
    "inbox": {
      "string": "f4h7Xn3s2zRj9PkL1oYv5aWq0tBg6Im8"
    },
    "outbox": {
      "string": "f4h7Xn3s2zRj9PkL1oYv5aWq0tBg6Im8"
    },
    "session": {
      "string": "f4h7Xn3s2zRj9PkL1oYv5aWq0tBg6Im8"
    }

I hope that someone can help me out!

Kind Regards

Constantine · 17 January 2025 09:05

Hello @h3llo

Please clarify which product is used - the category is set to Workspace, but you are referencing the config of Document Server. Additionally, please specify version of the product you are using.

h3llo · 18 January 2025 06:27

@Constantine

Regarding this:

https://helpcenter.onlyoffice.com/installation/workspace-install-docker.aspx

P.s i am running Non Docker
Its installed on Ubuntu 24.04

Constantine · 21 January 2025 10:19

To change JWT secret you need to specify it in a few configs. I’ve described in which ones here:

It references on how to do it for Docker, but in case of package installation you can simply skip steps of connecting to the containers and move to the configs directly on host.

h3llo · 22 January 2025 01:45

@Constantine

Thanks for your reply but i think you do NOT understand the question of this topic. Let me try again:

The question was/is:

How can i generate a NEW 172 CHARACTER: → JWT API token?
And NOT a NEW 32 CHARACTER : → JWT SECTRET KEY
As you are mentioning in your reply.

I hope that you understand the difference between a Token and a Secret Key.

Looking forward for the right answer.

Thank you very much in advance

Constantine · 27 January 2025 09:08

I do understand the difference, but maybe I am missing the point. You’ve mentioned that your token is working fine, can you share any details on how it is used?

h3llo · 6 February 2025 17:05

@Constantine

The point is:

My 172 character JWT API TOKEN is leaked.
So i would to create/generate a new one.

How can i do that?

Constantine · 11 February 2025 09:00

JWT is used to authorize requests from/to Document Server in integrations, in Workspace too. The token must be generated each time for each request that you are performing to Document Server. Considering that I do not understand what is “JWT API Token” and how it is used, hence I am asking you to elaborate on this.

If you could describe how this token was initially generated, then I am sure it’d bring some clarity on your query.