Installation

Install the JWT validation library:

composer require lexik/jwt-authentication-bundle

The following block should have been added automatically to the .env file:

###> lexik/jwt-authentication-bundle ###
JWT_SECRET_KEY=%kernel.project_dir%/config/jwt/private.pem
JWT_PUBLIC_KEY=%kernel.project_dir%/config/jwt/public.pem
JWT_PASSPHRASE=9dff125aa27fa4e5ded96cb0ef3e5f0d
###< lexik/jwt-authentication-bundle ###

There should also be a config/packages/lexik_jwt_authentication.yaml file:

lexik_jwt_authentication:
    secret_key: '%env(resolve:JWT_SECRET_KEY)%'
    public_key: '%env(resolve:JWT_PUBLIC_KEY)%'
    pass_phrase: '%env(JWT_PASSPHRASE)%'

Generating the keys

We now need to create the config/jwt directory and the private.pem and public.pem keys.

We can create the private key with the following command. It writes private.pem to the current directory, so run it from inside config/jwt:

openssl genrsa -out private.pem -aes256 4096

When asked for the password, use the same value as JWT_PASSPHRASE from the .env file (e.g. 9dff125aa27fa4e5ded96cb0ef3e5f0d).

Then we need to create public.pem from the private key. When you run the command, you will be asked for the private key password.

openssl rsa -pubout -in private.pem -out public.pem
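
To confirm the result before the application uses it, the following added example (not part of the original tutorial or of the bundle) checks that private.pem is stored encrypted, that the passphrase decrypts it, and that public.pem is its public half. The function name check_jwt_keys, the JWT_CHECK_PASS variable and the return codes are assumptions made for this example.

```bash
#!/usr/bin/env bash
# Added example: sanity-check the key pair generated above.
# Usage: check_jwt_keys config/jwt "$JWT_PASSPHRASE"
# Return codes (chosen for this example):
#   0  key pair is consistent
#   1  private.pem is missing, or the passphrase does not decrypt it
#   2  public.pem is missing, unreadable, or not the public half of private.pem
#   3  private.pem is stored unencrypted
check_jwt_keys() {
    dir=$1
    pass=$2
    priv="$dir/private.pem"
    pub="$dir/public.pem"

    [ -f "$priv" ] || return 1

    # An encrypted key carries either the PKCS#8 header or the legacy
    # "Proc-Type: 4,ENCRYPTED" line; an unencrypted key has neither.
    grep -Eq '^-----BEGIN ENCRYPTED PRIVATE KEY-----|^Proc-Type: 4,ENCRYPTED' "$priv" \
        || return 3

    # Derive the public key from the private key. The passphrase is handed to
    # openssl through the environment (env:) so it never appears in the
    # process argument list.
    derived=$(JWT_CHECK_PASS=$pass openssl rsa -in "$priv" \
        -passin env:JWT_CHECK_PASS -pubout 2>/dev/null) || return 1

    # Re-encode the public key on disk the same way and compare the two.
    [ -f "$pub" ] || return 2
    on_disk=$(openssl rsa -pubin -in "$pub" -pubout 2>/dev/null) || return 2
    [ "$derived" = "$on_disk" ] || return 2

    return 0
}
```

A non-zero return from this check means the bundle would fail to sign or verify tokens with the files as they stand.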

Configuring token properties