Hello,

I have followed labs and cookbooks like Federation, OAuth, API-protactions by Jon. I am trying to work on use case where OAuth Clients(Java Based System Application) gets id_token from OP/IDP in Hybrid OAuth or odice flow and makes a cross domain request to another endpoint which is a reverse Proxy behind another ISAM Runtime with runas/bearer authorization JWT on header to get access to protectes resources.




------------------------------
Piyush Agrawal
ISAM Security Architect
Norway
------------------------------

I had possibility to fix above issue by using access_token and shareing ISAM Runtime on crossdomain /mga junction.

------------------------------
Piyush Agrawal
------------------------------

Original Message:
Sent: Wed January 15, 2020 12:17 PM
From: Piyush Agrawal
Subject: Accessing Protected Resource with JWT in request header from JAVA client

Hello,

I have followed labs and cookbooks like Federation, OAuth, API-protactions by Jon. I am trying to work on use case where OAuth Clients(Java Based System Application) gets id_token from OP/IDP in Hybrid OAuth or odice flow and makes a cross domain request to another endpoint which is a reverse Proxy behind another ISAM Runtime with runas/bearer authorization JWT on header to get access to protectes resources.




------------------------------
Piyush Agrawal
ISAM Security Architect
Norway
------------------------------