Overview of JWT Authentication Connector

Release Notes

API Management Release Date	Release Type	Release Description
May 17, 2022	Minor update	Support custom error message with connector configurations.
May 11, 2020	New Feature	Support match policy to allow additional validation based on JWT claims value.

Description

• The Connector authenticates request calls coming from the client using third party JWT token. This provides authentication augmentation on top of API key which is used in API Management.

• Connector enforces existence and validity of a JWT specified in HTTP Authorization header.

• Connector supports injecting claims value in request to enrich http headers which can be specified in pre_input configuration.

• Connector provides configurable capability to block/forward http Authorization header to backend/origin server.

• Supports JSONPath expression to locate claim value for non-standard JWT claims.

• Support match policy to allow additional validation based on JWT claims value.

• Supports pre-processing of API request.

• Supports custom error message with connector configurations.

Related Links

• Usage

• Design and Implementation

• Configuring Endpoint Call Processing

• Local Edition Porting and Chaining

• JWT Token Generation for HMAC using SHA Algorithm

• JWT Token Generation for RSA using SHA Algorithm

• JWT Token Generation Using ECDSA Algorithm

• Business Use Cases Feasible Using JWT Connector