Hi John, I think the IS sends back the JWT, but when you use IS as the key manager, shouldn't it be the API-M that requests for the JWT from IS? And, regardless of that the setting should be done at the API-M GW IMO, because that's what creates the JWT and passes on to the ESB for instance. I think it has to happen that way, especially with external KMs used and all. Therefore, I think this setting should be done on the API-M GW-side (if I understood correctly).
AM team, what's your thoughts on this? Thanks, Senaka. On Mon, Aug 3, 2015 at 11:47 AM, John Hawkins <[email protected]> wrote: > Hi Folks, > > I've just been following these instructions [1] to get the API-M talking > to the Identity server. I am confused as to why I have set JWT on in the > Identity servers api-manager.xml [2] and not just in the API-M? Isn't it > the API-M sending JWT out rather than the IS ? Can someone explain to me > what's going on under-the-hood please? > > > [1] > https://docs.wso2.com/display/CLUSTER420/Configuring+the+Pre-Packaged+Identity+Server+5.0.0+with+API+Manager+1.9.0 > > [2] Bullet 7: JWT configuration must be done in the > <IS_HOME>/repository/conf/api-manager.xml file in the Identity Server. > > > many thanks, > John. > > > > John Hawkins > Director: Solutions Architecture > > -- *[image: http://wso2.com] <http://wso2.com>Senaka Fernando* Solutions Architect; WSO2 Inc.; http://wso2.com *Member; Apache Software Foundation; http://apache.org <http://apache.org>E-mail: senaka AT wso2.com <http://wso2.com>**P: +1 408 754 7388; ext: 51736*; *M: +44 782 741 1966Linked-In: http://linkedin.com/in/senakafernando <http://linkedin.com/in/senakafernando>*Lean . Enterprise . Middleware
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
