Re: Can I make Algorithm a variable value in Gener...

ApigeeUser777 · 03-11-2022 12:46 PM

Hi,

I am trying a POC where I can generate a JWT policy with multiple algorithms as needed. Can I make the Algorithm a variable value in Generate JWT policy instead of a hardcoded value?@DChiesa

ApigeeUser777

I mean something like this 
<Algorithm ref=’variable_name_here’/>
<Algorithm>{AL-Value}</Algorithm>
<Algorithm ref="AL-Value"/>

API-Evangelist

General Inquiry..Why do you want to do so? May be use custom java code with properties may help but why 🙂

No. OOB policy doesn't have a option for ref to read it.

https://docs.apigee.com/api-platform/reference/policies/generate-jwt-policy#algorithm

ApigeeUser777

just want to have a shared flow that can generate JWT with different Algorithms and sign it with private keys depending on the input from proxy .... just want to check if I can do that with OOB options.

dchiesa1

No you cannot do that with the GenerateJWT policy.

It was considered to be a security hole, to allow dynamic specification of the algorithm in the policy configuration. The way to accomplish what you want is to use a distinct policy for each distinct algorithm. !!

Can I make Algorithm a variable value in Generate JWT policy instead of hard coded value