HashiCorp Nomad supports JWT authentication methods, which allow users to authenticate into Nomad using tokens that can be verified via public keys. This post explains how JWT authentication works and how to set it up in Nomad using a custom GitHub Action. The setup involves creating roles with access to specific policies, defining an auth method for GitHub, and binding rules to map key-value pairs found in the JWT to new names. With this setup, users can deploy files from a directory to Nomad using a short-lived token that is automatically managed by Nomad's identity-based rules and auto-expiring tokens. This enables efficient workflows for tools like GitHub Actions and simplifies management of Nomad tokens for external applications. The introduction of JWT authentication methods in Nomad provides the necessary building blocks to make setting up machine-to-machine auth simple, especially as organizations move towards zero trust security.