0

I found this:

WSO2 Identity Server JWT Access token

but it doesn't seem to be answered.

What I want to do is this:

1 - call some URL on the WSO2 Identity Server to authenticate, sending a username and password, and have it send me back a Json Web Token (JWT). It's possible this will have to be 2 calls, one to authenticate and one to retrieve the JWT but I'd really really like to avoid that.

2 - pass the JWT along to WSO2 microservices via the Authorization: Bearer header

3 - have the microservices automatically validate the JWT and get the user information so I can build a security context. I expect this will need to call back to the WSO2 Identity Server for every call.

Is there a step by step guide to getting this working? Everything I see involves redirecting the user to log in at the WSO2 identity server or generating a JWT which is app client specific, not user specific. This should be front and center for the MSF4J documentation.

Community
  • 1
  • 1
Jason Carreira
  • 449
  • 6
  • 16

1 Answers1

0

You can check the MSF4J JWT claim sample. It explains scenario step by step the https://github.com/wso2/msf4j/tree/v2.1.0/samples/jwt-claims

Thusitha Thilina Dayaratne
  • 5,666
  • 4
  • 42
  • 69
  • It really doesn't: `1) Open the travelocity web app from http://localhost:8080/travelocity.com 2) Login using your credentials with SAML SSO. 3) Click on Request OAuth2 Access Token and send to micro service.` – Jason Carreira Jan 11 '17 at 14:15
  • I want to log in via an HTTP POST, not via a webpage – Jason Carreira Jan 11 '17 at 14:17