You can configure a JSON Web Token (JWT) in Jamf Pro to secure downloads of packages, in-house apps, and in-house books hosted on a web server. After the JWT is configured, packages, in-house apps, and books can only be downloaded on managed computers and mobile devices and within the time period you specify.
Packages, in-house apps, and books must be hosted on the same web server that is configured for JWT authentication.
The JWT is generated using the RS256 algorithm, is signed with the RSA private key provided in the configuration, and has the following claims:
"sub" (subject) of "AppManifest"
"iss" (issuer) of "JSS"
"exp" (expiration) configurable in the JSON Web Token Configuration settings
After configuring the JWT, the administrator of the web server must perform further setup to ensure the server validates the request using the JWT "token" query parameter.
Until the web server validates the requests, unsecured downloads of in-house apps and books may still be possible.