Hi Nicolas, To get a JWT token from the API Manager, the Token Type of the application you are trying with needs to be set to 'JWT'. This needs to be done from the API Store UI under the Edit Application section. See the section "Generate a JWT token and invoke the API" of the document [1] to see what this looks like.
[1] - https://docs.wso2.com/display/AM260/Microgateway+Quick+Start Thanks, NuwanD. On Wed, Oct 24, 2018 at 3:45 PM Nicolas Maujean < [email protected]> wrote: > > hi, > > Why wso2 token call return oauth token whereas we configured wso2 to > return jwt token, the following way : > > > https://docs.wso2.com/display/AM170/Passing+Enduser+Attributes+to+the+Backend+Using+JWT > > when we call the command, to get the token, we get the following result : > > [root@DL-OPEN-INT conf]# curl -k -d "grant_type=client_credentials" \ > > -H "Authorization: Basic > OXpEQWNFaEljOVN5aElwcDFDaFhJRUxRSTFrYTo2dVY4MGQyM2lIYUZjWHZva2c4bUtrTDB1UDhh" > \ > https://10.200.36.22:8243/token > > {"access_token":"d4dce5b7-d75d-327c-a5e9-a13ca48782d6","scope":"am_application_scope > default","token_type":"Bearer","expires_in":3600}[root@DL-OPEN-INT conf]# > > here is the api-manager.xml : > > <JWTConfiguration> > <!-- Enable/Disable JWT generation. Default is false. --> > <EnableJWTGeneration>true</EnableJWTGeneration> > > <!-- Name of the security context header to be added to the validated > requests. --> > <JWTHeader>X-JWT-Assertion</JWTHeader> > > <!-- Fully qualified name of the class that will retrieve additional user > claims > to be appended to the JWT. If not specified no claims will be > appended.If user wants to add all user claims in the > jwt token, he needs to enable this parameter. > The DefaultClaimsRetriever class adds user claims from the default > carbon user store. --> > > <ClaimsRetrieverImplClass>org.wso2.carbon.apimgt.impl.token.DefaultClaimsRetriever</ClaimsRetrieverImplClass> > > <!-- The dialectURI under which the claimURIs that need to be appended to > the > JWT are defined. Not used with custom ClaimsRetriever > implementations. The > same value is used in the keys for appending the default properties > to the > JWT. --> > <ConsumerDialectURI>http://wso2.org/claims</ConsumerDialectURI> > > <!-- Signature algorithm. Accepts "SHA256withRSA" or "NONE". To disable > signing explicitly specify "NONE". --> > <SignatureAlgorithm>NONE</SignatureAlgorithm> > > <!-- This parameter specifies which implementation should be used for > generating the Token. JWTGenerator is the > default implementation provided. --> > > <JWTGeneratorImpl>org.wso2.carbon.apimgt.keymgt.token.JWTGenerator</JWTGeneratorImpl> > > <!-- This parameter specifies which implementation should be used for > generating the Token. For URL safe JWT > Token generation the implementation is provided in > URLSafeJWTGenerator --> > > <!--<JWTGeneratorImpl>org.wso2.carbon.apimgt.keymgt.token.URLSafeJWTGenerator</JWTGeneratorImpl>--> > > <!-- Remove UserName from JWT Token --> > <!-- > <RemoveUserNameFromJWTForApplicationToken>true</RemoveUserNameFromJWTForApplicationToken>--> > </JWTConfiguration> > > > best regards, > > > Nicolas Maujean > > _______________________________________________ > Architecture mailing list > [email protected] > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > -- *Nuwan Dias* | Director | WSO2 Inc. (m) +94 777 775 729 | (e) [email protected] [image: Signature.jpg]
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
