[Dev] IS_Server JWT Settings

2015-08-03 Thread John Hawkins
Hi Folks, I've just been following these instructions [1] to get the API-M talking to the Identity server. I am confused as to why I have set JWT on in the Identity servers api-manager.xml [2] and not just in the API-M? Isn't it the API-M sending JWT out rather than the IS ? Can someone explain

Re: [Dev] IS_Server JWT Settings

2015-08-03 Thread Senaka Fernando
Hi Nuwan, So I think then there are few things now. 1. First the docs need to be clear on what is done @ IS - your context is far more clearer than what the docs actually explain. 2. Also related to #1 above, the actual config needs some renaming I guess, it doesn't fall into place.

Re: [Dev] IS_Server JWT Settings

2015-08-03 Thread Senaka Fernando
Hi John, I think the IS sends back the JWT, but when you use IS as the key manager, shouldn't it be the API-M that requests for the JWT from IS? And, regardless of that the setting should be done at the API-M GW IMO, because that's what creates the JWT and passes on to the ESB for instance. I

Re: [Dev] IS_Server JWT Settings

2015-08-03 Thread Nuwan Dias
Hi Senaka, Its not just about enabling/disabling JWT. We also have options of caching the JWT, specifying custom claims to be included in the JWT, extending the JWT generator implementation to include custom attributes, etc. All these are provided through the configuration on the KM since its the

Re: [Dev] IS_Server JWT Settings

2015-08-03 Thread Nuwan Dias
On Mon, Aug 3, 2015 at 6:28 PM, Senaka Fernando sen...@wso2.com wrote: Hi Nuwan, So I think then there are few things now. 1. First the docs need to be clear on what is done @ IS - your context is far more clearer than what the docs actually explain. 2. Also related to #1 above,

Re: [Dev] IS_Server JWT Settings

2015-08-03 Thread Sanjeewa Malalgoda
On Mon, Aug 3, 2015 at 6:28 PM, Senaka Fernando sen...@wso2.com wrote: Hi Nuwan, So I think then there are few things now. 1. First the docs need to be clear on what is done @ IS - your context is far more clearer than what the docs actually explain. 2. Also related to #1 above,