Hi everyone,
I've followed this link and have successfully been able to authenticate using a JWT token that is passed on a junction.
https://www.ibm.com/blogs/security-identity-access/oauth-jwt-access-token/I'm now wanting to see if there is a way to use different STS chains based on what the federation ID is.
The fed-id-param seems to allow this but when I pass a request parameter it doesn't seem to make any difference. It always uses the value of default-fed-id.
# The Provider ID of the default OAuth federation. If a Provider ID is not
# provided in the request using the fed-id-param option, this provider ID will
# be used for OAuth requests. The Provider ID of a federation can be found on
# the federation properties page.
default-fed-id = urn:jwt:webseal
# The name of the request parameter that can be used to override the
# default-fed-id option configured above. By deleting this configuration
# option, you can enforce that the default fed id is always used.
fed-id-param = FederationId
For example:
curl -k -s -S
https://myurl/myjunction/index.html?FederationId=urn:jwt:websealtest -H "Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ0ZXN0ZGFtYSIsIm.example
This always uses the STS chain path for urn:jwt:webseal instead of urn:jwt:websealtest.
Am I not passing the request parameter correctly?
Thanks,
Scott
------------------------------
Scott Reichardt.
ISAM 9.0.6
------------------------------