IBM Verify

IBM Verify

Join this online user group to communicate across Security product users and IBM experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

 View Only

  • 1.  Junction JWT bearer token

    Posted Tue March 23, 2021 07:56 AM
    Hi,

    We are migrating from tfim-sso to the native jwt support for junctions with the "new" [jwt:<jct-id>] stanza.
    Some of our backend applications expect jwt bearer token, and we used sts chain rewrite rule to achieve this.

    How can we do the same with [jwt:<jct-id>] stanza?

    ------------------------------
    Øyvind Bergerud
    ------------------------------


  • 2.  RE: Junction JWT bearer token
    Best Answer

    Posted Tue March 23, 2021 04:10 PM
    Øyvind,
     
    When you refer to a JWT bearer token I assume that you mean that the JWT needs to be prefixed with 'Bearer '?  If so, this can't be achieved with the built in JWT support at the moment and you will need to continue to use the tfim-sso junction.  However, the upcoming 10.0.2 release (due to be released in June) will allow you to control the format of the HTTP header, including the ability to prefix the generated JWT with 'Bearer'.
     
    I hope that this helps.
     
     

    Scott A. Exton
    Senior Software Engineer
    Chief Programmer - IBM Security Verify Access
    IBM Master Inventor

     
     



    Original Message


  • 3.  RE: Junction JWT bearer token

    Posted Wed March 24, 2021 03:00 AM
    Hi Scott,

    Thanks for the reply, yes the functunality in 10.0.2 is what we are looking for.

    ------------------------------
    Øyvind Bergerud
    ------------------------------

    Original Message


Related Content