1

A backend service needs to know the user for the service call. Reading through the API 1.6.0 documentation I have configured it to generate JWT and removed and republished my services as stated. Running tests, I am not seeing the JWT being passed to the backed service in the response headers in Fiddler. I am not using the ESB or Identity services from WSO2.

What am I missing?

MarkSmudde
  • 13
  • 3

1 Answers1

0

JWT information should be passed in the header under the parameter X-JWT-Assertion. The Content is been encoded. Use TCPMon to intercept the request and see if the API Manager is actually passing the JWT. This would be a good starting point to debug.

Nadeesha
  • 825
  • 2
  • 9
  • 12
  • I had been looking in the wrong place for the JWT. Wrong place is that I did not look from the server perspective as I was looking from my test client's perspective.Thanks. – MarkSmudde Apr 22 '14 at 04:31
  • Could you please reply here http://stackoverflow.com/questions/34537524/passing-end-user-details-from-client-to-real-backend-endpoint-via-jwt-token-in-w ? Thanks, Neha – PAA Jan 04 '16 at 19:31
  • Hello Nadeesha - Could you please share code to get X-JWT-Assertion at WebService /controller? –  Jan 04 '16 at 19:33
  • Below blog gives instructions on how to extract the HTTP headers. http://www.mkyong.com/java/how-to-get-http-request-header-in-java/ – Nadeesha Jan 05 '16 at 10:32