Hello there, I have a LDAP plugged as a secondary user store on the IS and users (from this same LDAP) can access to the protected resources on my APIM. So, everything's OK.
But, because of *more* business need, I implemented a IN flow sequence for my API on APIM. This sequence retrieves the JWT (if I am not mistaken, sent by the IS) from where I retrieve the roles and do something special with them. However, because of the immutable state of the JWT, I cannot see the changes made on the user via the IS. So, is there a way to force the refresh of the JWT to see those changes? I made some tests (even if they can impact the performances) and that was not successful : - I deactive the cache (on both IS and APIM thanks to theCacheConfigurations part where I put everybody to false) - revoking the OAuth2 token and regenerating it (I thought it was linked in a way) And I don't find anything in the configuration files where I can manipulate the behaviour concerning this JWT. Regards, Thomas
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
