Thanks Francesco, I will take care of that. Another question - do we have tests (e.g. bad signature, untrusted signature, token expired etc.)?
Colm. On Tue, Jun 13, 2017 at 4:21 PM, Francesco Chicchiriccò <ilgro...@apache.org > wrote: > On 13/06/2017 17:17, Colm O hEigeartaigh wrote: > >> Hi all, >> >> The docs state that "X-Syncope-Token is returned on response to successful >> authentication >> <https://syncope.apache.org/docs/reference-guide.html#rest- >> authentication-and-authorization>, >> and contains the unique signed JSON Web Token >> <https://en.wikipedia.org/wiki/JSON_Web_Token> identifying the >> authenticated user". >> >> However with, e.g. curl -I -u alice:security >> http://localhost:8080/syncope/rest/users/self I don't see the >> X-Syncope-Token header being returned (Syncope 2.0.4-SNAPSHOT). >> >> Do I need to explicitly configure returning the token or am I missing >> something else? >> > > The endpoint for obtaining the JWT is > > POST /accessTokens/login > > Maybe it is an idea to add an example to that section in the docs. > > Regards. > > -- > Francesco Chicchiriccò > > Tirasa - Open Source Excellence > http://www.tirasa.net/ > > Member at The Apache Software Foundation > Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail > http://home.apache.org/~ilgrosso/ > > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com