Hey, I would suggest using this Before Operation rule, i have referenced the below url, with slight modifications.
URL: OAuth verification for JWT Payload - #7 by tyler_mairose
Now in case of you storing the Private Key/Cert to sign the Token, i would suggest using Webservices connector with custom authentication.
Flow will look something like this:
- Onboard Webservices and Auth should be custom authentication.
- Now as you set it to custom authentication you will have new input fields available to put some data in. Use those input fields to store your private key/ cert.
- In before Operation Rule, reference the field where you have store the private key and then sign the token and generate the JWT Signed Token.
- In Before Operation rule itself, generate the access_token using the JWT Signed token. I believe there will be a API endpoint to get the access token once you have the JWT Signed token.
- Store the token in you connector variables.
- Use the stored access_token in subsequent API calls.
P.S all the libraries used are already present in OOTB VA Configurations so you should be good to use them directly by just putting import statements.
Hope this helps.