This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Hi @dchiesa1 We intending on encrypting a JSON payload with a
dynamically generated CEK using AES256GCM and then encrypting the CEK
using a RSA-OAEP-256 algorithm (public-private key pair) and sending it
to the Apigee proxy as an encrypted JWT.Does t...
Thank you for your detailed response @dchiesa1. I have an additional
question regarding the EncryptedJWT Java callout. Does it give us an
option to explicitly set the content encryption key at the time of
generation?
Hi, Thank you for your insight. Yes, we are using the RFC mentioned. The
intention is for the client to encrypt the entire payload which gets
decrypted in Apigee and passed unencrypted to the backend. The backend
response sent back to Apigee which is...
Hi Dino, We intending on encrypting a JSON payload with a dynamically
generated CEK using AES256GCM and then encrypting the CEK using a
RSA-OAEP-256 algorithm and sending it to the Apigee proxy as an
encrypted JWT.Does the verifyEncryptedJWT callout
...
