Monday, June 20, 2016

Adding API name to JWT Token WSO2 API Manager 1.8.0

If we need to set additional claims to the JWT token, we need to implement a custom JWT token generator as explained in [1].  Assume you need to set the API Name to the JWT token. You could do it as below in your custom JWT Token generator.

public Map<String, String> populateCustomClaims(APIKeyValidationInfoDTO keyValidationInfoDTO, String apiContext, String version, String accessToken)
            throws APIManagementException {

        String apiName = keyValidationInfoDTO.getApiName();
        Map<String,String> map = new HashMap<String, String>();
        map.put("API_NAME", apiName);

        return map;
    }



This will set the API_NAME property with the value to the JWT token like below.

{"iss":"wso2.org/products/am","exp":1466431406496,"http://wso2.org/claims/subscriber":"admin","http://wso2.org/claims/applicationid":"2","http://wso2.org/claims/applicationname":"app1","http://wso2.org/claims/applicationtier":"Unlimited","http://wso2.org/claims/apicontext":"/custom","http://wso2.org/claims/version":"1.0","http://wso2.org/claims/tier":"Bronze","http://wso2.org/claims/keytype":"PRODUCTION","http://wso2.org/claims/usertype":"APPLICATION","http://wso2.org/claims/enduser":"null","http://wso2.org/claims/enduserTenantId":"null","API_NAME":"CustomAPI"};

[1] https://docs.wso2.com/display/AM180/Passing+Enduser+Attributes+to+the+Backend+Using+JWT

No comments:

Post a Comment