Hi Nicolas, Yes default synapse gateway implemented to work with OAuth 2.0 tokens while microgateway can handler both OAuth tokens and JWT tokens. You can install microgateway with API Manager or alone as it can work with or without connection to key manager. If gateway do not have access to key manager or central system then microgateway can use with JWT.
Thanks, sanjeewa. On Wed, Oct 24, 2018 at 6:51 PM Nicolas Maujean < nicolas.maujean.fra...@gmail.com> wrote: > Hi, > > I should understand that api manager can't handle jwt tokens but only > microgateway ? if yes microgateway should be install with api manager or > alone ? > > best regards, > > Nicolas Maujean > > Le mer. 24 oct. 2018 à 12:47, Nuwan Dias <nuw...@wso2.com> a écrit : > >> Hi Nicolas, >> >> To get a JWT token from the API Manager, the Token Type of the >> application you are trying with needs to be set to 'JWT'. This needs to be >> done from the API Store UI under the Edit Application section. See the >> section "Generate a JWT token and invoke the API" of the document [1] to >> see what this looks like. >> >> [1] - https://docs.wso2.com/display/AM260/Microgateway+Quick+Start >> >> Thanks, >> NuwanD. >> >> On Wed, Oct 24, 2018 at 3:45 PM Nicolas Maujean < >> nicolas.maujean.fra...@gmail.com> wrote: >> >>> >>> hi, >>> >>> Why wso2 token call return oauth token whereas we configured wso2 to >>> return jwt token, the following way : >>> >>> >>> https://docs.wso2.com/display/AM170/Passing+Enduser+Attributes+to+the+Backend+Using+JWT >>> >>> when we call the command, to get the token, we get the following result : >>> >>> [root@DL-OPEN-INT conf]# curl -k -d "grant_type=client_credentials" \ >>> >>> -H "Authorization: Basic >>> OXpEQWNFaEljOVN5aElwcDFDaFhJRUxRSTFrYTo2dVY4MGQyM2lIYUZjWHZva2c4bUtrTDB1UDhh" >>> \ >>> https://10.200.36.22:8243/token >>> >>> {"access_token":"d4dce5b7-d75d-327c-a5e9-a13ca48782d6","scope":"am_application_scope >>> default","token_type":"Bearer","expires_in":3600}[root@DL-OPEN-INT >>> conf]# >>> >>> here is the api-manager.xml : >>> >>> <JWTConfiguration> >>> <!-- Enable/Disable JWT generation. Default is false. --> >>> <EnableJWTGeneration>true</EnableJWTGeneration> >>> >>> <!-- Name of the security context header to be added to the validated >>> requests. --> >>> <JWTHeader>X-JWT-Assertion</JWTHeader> >>> >>> <!-- Fully qualified name of the class that will retrieve additional >>> user claims >>> to be appended to the JWT. If not specified no claims will be >>> appended.If user wants to add all user claims in the >>> jwt token, he needs to enable this parameter. >>> The DefaultClaimsRetriever class adds user claims from the default >>> carbon user store. --> >>> >>> <ClaimsRetrieverImplClass>org.wso2.carbon.apimgt.impl.token.DefaultClaimsRetriever</ClaimsRetrieverImplClass> >>> >>> <!-- The dialectURI under which the claimURIs that need to be appended >>> to the >>> JWT are defined. Not used with custom ClaimsRetriever >>> implementations. The >>> same value is used in the keys for appending the default >>> properties to the >>> JWT. --> >>> <ConsumerDialectURI>http://wso2.org/claims</ConsumerDialectURI> >>> >>> <!-- Signature algorithm. Accepts "SHA256withRSA" or "NONE". To disable >>> signing explicitly specify "NONE". --> >>> <SignatureAlgorithm>NONE</SignatureAlgorithm> >>> >>> <!-- This parameter specifies which implementation should be used for >>> generating the Token. JWTGenerator is the >>> default implementation provided. --> >>> >>> <JWTGeneratorImpl>org.wso2.carbon.apimgt.keymgt.token.JWTGenerator</JWTGeneratorImpl> >>> >>> <!-- This parameter specifies which implementation should be used for >>> generating the Token. For URL safe JWT >>> Token generation the implementation is provided in >>> URLSafeJWTGenerator --> >>> >>> <!--<JWTGeneratorImpl>org.wso2.carbon.apimgt.keymgt.token.URLSafeJWTGenerator</JWTGeneratorImpl>--> >>> >>> <!-- Remove UserName from JWT Token --> >>> <!-- >>> <RemoveUserNameFromJWTForApplicationToken>true</RemoveUserNameFromJWTForApplicationToken>--> >>> </JWTConfiguration> >>> >>> >>> best regards, >>> >>> >>> Nicolas Maujean >>> >>> _______________________________________________ >>> Architecture mailing list >>> Architecture@wso2.org >>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>> >> >> >> -- >> *Nuwan Dias* | Director | WSO2 Inc. >> (m) +94 777 775 729 | (e) nuw...@wso2.com >> [image: Signature.jpg] >> _______________________________________________ >> Architecture mailing list >> Architecture@wso2.org >> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >> > _______________________________________________ > Architecture mailing list > Architecture@wso2.org > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > -- *Sanjeewa Malalgoda* Software Architect | Associate Director, Engineering - WSO2 Inc. (m) +94 712933253 | (e) sanje...@wso2.com | (b) Blogger <http://sanjeewamalalgoda.blogspot.com>, Medium <https://medium.com/@sanjeewa190> GET INTEGRATION AGILE <https://wso2.com/signature> Integration Agility for Digitally Driven Business
_______________________________________________ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
