IBM webMethods Hybrid Integration

IBM webMethods Hybrid Integration

Join this online group to communicate across IBM product users and experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.


#TechXchangePresenter
 View Only

  • 1.  Jwt claim set validation

    Posted Mon September 25, 2023 07:31 AM

    Hi,

    I am using web methods API Gateway and using JWT for authorization. Issue is the claim set is defined in identifiers section in application, but API gateway is not validating that claim set. if i request for JWT token with valid gateway key and have additional information in request payload as claim set it still validates and returns valid token.

    e.g
    claim set defined in Application is
    {“claimsSet”: {“channel”:“web”}}

    and i sent in request body

    {“claimsSet”: {“channel”:“web”,“addTest”:“extra info”}}

    but API gateway added the extra information in JWT token and did not validated with claim set


    #API-Gateway
    #API-Management
    #webMethods


  • 2.  RE: Jwt claim set validation

    Posted Mon October 09, 2023 12:07 AM

    hi @muhammad.usman22,
    Ideally it should validate the claim set.
    Did you try with some other value in the claim set like app ID.

    If not can you please give a try for that as well.
    Also share what is the error you are getting for same.

    Regards
    Vikash Sharma


    #API-Gateway
    #API-Management
    #webMethods


Related Content