Hi all,
AppM use JWT for transfer claims between AppM gateway and the backend
application. JWT has been generated by extracting user claims from the SAML
response which is provided by the IDP. Currently JWT is signed by the AppM
gateway but not by the IDP.
I think we need to sign the JWT by using
[Adding Prabath]
In API Manager, JWT is generated as a part of key validation process (key
manager) , hence the JWT is signed by KeyManager (IdP). But in App Manager,
JWT generation happens at the gateway using the SAML response sent by IdP.
Since GW is the one generating JWT, problem is how we ar
Hi Dinusha,
JWT improvement(define a new interface and abstract class so that now we
can implement the abstract class as an extension point.) is done. How could
we deal with JWT signing? Please instruct me.
*Sajith Abeywardhana* | Software Engineer
WSO2, Inc | lean. enterprise. middleware.
#20, P
