Hi, I should understand that api manager can't handle jwt tokens but only microgateway ? if yes microgateway should be install with api manager or alone ?
best regards, Nicolas Maujean Le mer. 24 oct. 2018 à 12:47, Nuwan Dias <nuw...@wso2.com> a écrit : > Hi Nicolas, > > To get a JWT token from the API Manager, the Token Type of the application > you are trying with needs to be set to 'JWT'. This needs to be done from > the API Store UI under the Edit Application section. See the section > "Generate a JWT token and invoke the API" of the document [1] to see what > this looks like. > > [1] - https://docs.wso2.com/display/AM260/Microgateway+Quick+Start > > Thanks, > NuwanD. > > On Wed, Oct 24, 2018 at 3:45 PM Nicolas Maujean < > nicolas.maujean.fra...@gmail.com> wrote: > >> >> hi, >> >> Why wso2 token call return oauth token whereas we configured wso2 to >> return jwt token, the following way : >> >> >> https://docs.wso2.com/display/AM170/Passing+Enduser+Attributes+to+the+Backend+Using+JWT >> >> when we call the command, to get the token, we get the following result : >> >> [root@DL-OPEN-INT conf]# curl -k -d "grant_type=client_credentials" \ >> >> -H "Authorization: Basic >> OXpEQWNFaEljOVN5aElwcDFDaFhJRUxRSTFrYTo2dVY4MGQyM2lIYUZjWHZva2c4bUtrTDB1UDhh" >> \ >> https://10.200.36.22:8243/token >> >> {"access_token":"d4dce5b7-d75d-327c-a5e9-a13ca48782d6","scope":"am_application_scope >> default","token_type":"Bearer","expires_in":3600}[root@DL-OPEN-INT conf]# >> >> here is the api-manager.xml : >> >> <JWTConfiguration> >> <!-- Enable/Disable JWT generation. Default is false. --> >> <EnableJWTGeneration>true</EnableJWTGeneration> >> >> <!-- Name of the security context header to be added to the validated >> requests. --> >> <JWTHeader>X-JWT-Assertion</JWTHeader> >> >> <!-- Fully qualified name of the class that will retrieve additional >> user claims >> to be appended to the JWT. If not specified no claims will be >> appended.If user wants to add all user claims in the >> jwt token, he needs to enable this parameter. >> The DefaultClaimsRetriever class adds user claims from the default >> carbon user store. --> >> >> <ClaimsRetrieverImplClass>org.wso2.carbon.apimgt.impl.token.DefaultClaimsRetriever</ClaimsRetrieverImplClass> >> >> <!-- The dialectURI under which the claimURIs that need to be appended >> to the >> JWT are defined. Not used with custom ClaimsRetriever >> implementations. The >> same value is used in the keys for appending the default properties >> to the >> JWT. --> >> <ConsumerDialectURI>http://wso2.org/claims</ConsumerDialectURI> >> >> <!-- Signature algorithm. Accepts "SHA256withRSA" or "NONE". To disable >> signing explicitly specify "NONE". --> >> <SignatureAlgorithm>NONE</SignatureAlgorithm> >> >> <!-- This parameter specifies which implementation should be used for >> generating the Token. JWTGenerator is the >> default implementation provided. --> >> >> <JWTGeneratorImpl>org.wso2.carbon.apimgt.keymgt.token.JWTGenerator</JWTGeneratorImpl> >> >> <!-- This parameter specifies which implementation should be used for >> generating the Token. For URL safe JWT >> Token generation the implementation is provided in >> URLSafeJWTGenerator --> >> >> <!--<JWTGeneratorImpl>org.wso2.carbon.apimgt.keymgt.token.URLSafeJWTGenerator</JWTGeneratorImpl>--> >> >> <!-- Remove UserName from JWT Token --> >> <!-- >> <RemoveUserNameFromJWTForApplicationToken>true</RemoveUserNameFromJWTForApplicationToken>--> >> </JWTConfiguration> >> >> >> best regards, >> >> >> Nicolas Maujean >> >> _______________________________________________ >> Architecture mailing list >> Architecture@wso2.org >> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >> > > > -- > *Nuwan Dias* | Director | WSO2 Inc. > (m) +94 777 775 729 | (e) nuw...@wso2.com > [image: Signature.jpg] > _______________________________________________ > Architecture mailing list > Architecture@wso2.org > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >
_______________________________________________ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture