Lucas Bittencourt

Reputation: 11

WSO2 APIM Token Exchange

I need to perform the token-exchange process between API calls passing through WSO2 APIM, something like the scenario below:

User -> client app -> WSO2 APIM -> JWT Sent to -> Microservice 1

Next, Microservice 1 needs to propagate the authenticated user's JWT to another service that it depends on (Microservice 2):

Microservice 1 -> JWT Token Exchange (token issued on the first client access to microservice 1 api) 
-> WSO2 APIM -> JWT Sent to -> Microservice 2

It is not enough to propagate the JWT to APIM; Microservice 1 needs to issue a new access token to consume the Microservice 2 API, and it is precisely in this process that the token exchange fits.

Reading the WSO2 APIM All-in-One documentation, I didn't see anything related to the token exchange process. I only saw something about the JWT Bearer, but I don't know if it contemplates the scenario that I reported above.

Upvotes: 1

Views: 654

Answers (2)

anupama sharma

Reputation: 11

You can add the context path of Microservice 2 in the audience field of the JWT and pass the request headers from Microservice 1 to Microservice 2, and then it will work.

Upvotes: 1
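The answer above relies on Microservice 2 accepting a forwarded JWT whose audience names it. As an added example (not part of the answer and not WSO2 code), this is the check Microservice 2 would run on the incoming Authorization header before trusting the token: pinned algorithm, signature, `aud`, then `exp`. The HS256 shared key, the context path `/microservice2/v1` and all function names are assumptions made so the block runs offline; a deployment verifies against the issuer's actual key and algorithm.

```python
import base64, hashlib, hmac, json, time

DEMO_KEY = b"constructed-demo-key"      # constructed; stands in for the issuer's key
MY_AUDIENCE = "/microservice2/v1"       # constructed context path of Microservice 2

def _b64d(part):
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def _b64e(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def _sign(signing_input, key):
    return hmac.new(key, signing_input.encode(), hashlib.sha256).digest()

def make_token(claims, key):
    """Build a constructed HS256 token standing in for the gateway-issued JWT."""
    head = _b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64e(json.dumps(claims).encode())
    return f"{head}.{body}.{_b64e(_sign(head + '.' + body, key))}"

def accept_forwarded_jwt(authorization, key, my_audience, now=None):
    """Return the claims if the forwarded JWT is valid for this service; raise ValueError otherwise."""
    scheme, _, token = authorization.partition(" ")
    if scheme.lower() != "bearer" or token.count(".") != 2:
        raise ValueError("malformed Authorization header")
    head, body, sig = token.split(".")
    header = json.loads(_b64d(head))
    # Pin the algorithm instead of trusting whatever the token header asks for.
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        raise ValueError("unexpected alg")
    if not hmac.compare_digest(_sign(head + "." + body, key), _b64d(sig)):
        raise ValueError("bad signature")
    claims = json.loads(_b64d(body))
    if not isinstance(claims, dict):
        raise ValueError("claims must be a JSON object")
    # "aud" may be a single string or a list; this service must be named in it.
    aud = claims.get("aud")
    audiences = [aud] if isinstance(aud, str) else aud if isinstance(aud, list) else []
    if my_audience not in audiences:
        raise ValueError("token was not issued for this audience")
    exp = claims.get("exp")
    current = time.time() if now is None else now
    if not isinstance(exp, (int, float)) or exp <= current:
        raise ValueError("token expired or missing exp")
    return claims
```

A token whose `aud` lists only Microservice 1 is rejected here even though its signature is valid, which is the condition the audience field exists to enforce.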

Vithursa Mahendrarajah

Reputation: 1224

If you want to pass the JWT that you send when invoking an API resource, you can enable it by adding the following configuration to the deployment.toml file, which resides in the <APIM-Home>/repository/conf directory.

[apim.oauth_config]
  enable_outbound_auth_header = true

Upvotes: 1
