Need JWT with x5c header

SebastianCatrina · February 9, 2026, 8:00am

Hi Everyone,

I need to generate a JWT from a Token Profile that includes the x5c (certificate chain) header.

Setup:

Token Profile: JSON Web Token
Security: Signature → Asymmetric → RS256

When I try to set x5c manually (pasting the cert chain), I get this error:

“JWS Alias — Please provide correct algorithm key with correct key length.”

Is there any way to make Pega include the x5c header automatically when generating the JWT?

Thanks!

Sairohith · February 12, 2026, 3:55am

@SebastianCatrina Pega’s OOTB JWT Token Profile cannot include an x5c header automatically, because x5c is a list/array of strings and that header format is not supported in the Token Profile headers.
So the one workable solution is to bypass the Token Profile for token generation and generate/sign the JWT in custom code (for example, a Java step/library) where you can read the certificate chain from your keystore and set x5c as a proper JSON array, then use that JWT in your connector/request.

Conversation		Replies	Views
Could not get access token when using JWT Token Profile in Authentication profile- OAuth 2.0 authentication issue. General security	3	639	November 11, 2024
JWT Creation and its usage for Connect-Rest rule Blueprint and App Design senior-system-architect , low-code-app-development , security , case-management , financial-services , 8-4-3	2	300	March 11, 2024
JWT validation in REST Service Blueprint and App Design lead-system-architect , security , enterprise-application-development , 8-4-6	6	601	December 1, 2025
Pega REST Integration with Service via API gateway using JWT authentication General solutions-engineer , system-architect , security , partners-and-integrations , financial-services	1	393	September 9, 2024
Authentication Profile Oauth2.0: How to pass the header to the access token endpoint: General lead-system-architect , security , financial-services , 8-8-5	3	413	December 17, 2024

Need JWT with x5c header

Related topics