IBM webMethods Hybrid Integration

IBM webMethods Hybrid Integration

Join this online group to communicate across IBM product users and experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.


#TechXchangePresenter
 View Only

  • 1.  JWT Claim Set

    Posted Mon April 08, 2019 04:27 AM

    Hello All,

    I have created an API and plan to give access to the API based on the JWT token claims.
    JWT Claims are issued by an Identity Provider which has list of values in one of the custom claim.
    Eg: “role”: [ admin, productadmin, productuser, normaluser]

    How can I validate the incoming JWT token if user has following roles give access to the API otherwise throw error.

    I have already completed with below activities

    The JWT issuers configuration done properly.
    Certificate issuer mapping done.
    audience values and the necessary API level policies are applied properly.
    Created an application subscribing to the API
    Tested with sub and role with one value works fine.

    But I am facing issue to validate the claim has multiple values.I have tried claim set also but no luck.

    Please suggest me if I am missing something.

    Thanks,
    Uday


    #webMethods
    #API-Management
    #API-Gateway


  • 2.  RE: JWT Claim Set

    Posted Mon April 08, 2019 07:49 AM

    Hi Uday,
    API Gateway doesn’t support it. We have in the pipeline to enhance it.


    #webMethods
    #API-Management
    #API-Gateway


  • 3.  RE: JWT Claim Set

    Posted Thu October 29, 2020 04:02 AM

    Does the gateway support an array of claims now ? eg “role”: [ admin, normal, guest]


    #webMethods
    #API-Gateway
    #API-Management


Related Content