AnsweredAssumed Answered

Using grant type = jwt bearer

Question asked by PavanReddy on Jun 6, 2018
Latest reply on Jul 1, 2018 by Mark_HE

Hi ,


We are using a third part application as IDP ,and

1)it is going to generate a JWT

2)Send the JWT to APIGW

3)APIGW  to use /introspect of third party to verify the JWT

4)If it is valid generate a access_token only and send it to the browser


Can you please help me understand where to make the changes for checking the JWT ,thinking of using grant_type=urn:ietf:params:oauth:grant-type:jwt-bearer