Question
Accenture Federal Services
US
Last activity: 20 May 2021 10:43 EDT
How to authorize using the JWT Bearer grant type with OAuth2.0
I have a requirement to implement the JWT Bearer grant type for one of my clients and have created a client registration with that grant type active.
I have also created a self signed jks certificate that I created into a Keystore rule and then created a generate and process JWT rule that both use that keystore. Whenever I generate a JWT and then process that same encoded JWT, it works beautifully. When I then use one of the generated tokens to hit my API from postman, it sends back an error that I have an invalid token. How do I get it to correctly authorize my tokens from an outside source?
I am working in version 8.1
Any help would be appreciated!
Accepted Solution
Updated: 20 May 2021 10:43 EDT
Accenture Federal Services
US
Yes, my issue was that I was using the incorrect grant_type value when sending the request. I needed to send
urn:ietf:params:oauth:grant-type:jwt-bearer
as the grant_type in the header and the jwt token as the assertion in the header along with my client id and secret.
Accepted Solution
Updated: 20 May 2021 10:43 EDT
Accenture Federal Services
US
Yes, my issue was that I was using the incorrect grant_type value when sending the request. I needed to send
urn:ietf:params:oauth:grant-type:jwt-bearer
as the grant_type in the header and the jwt token as the assertion in the header along with my client id and secret.