Solved: Generate and sign a JWT in Hybrid Apigee

praviningawale · 03-15-2022 12:02 AM

We are using access token from okta and to access okta resource we need to generate and sign a JWT

For testing purpose okta documentation suggest to use below tool to get JWT. In this we enter the private key and Payload to get JWT

https://www.jsonwebtoken.dev/

How can we achieve it in Apigee ?

The documentation also suggest to use below code to get JWT, but this code does not work in apigee

PrivateKey privateKey = // Load an RSA private key from configuration
Instant now = Instant.now();

String jwt = Jwts.builder()
        .setAudience("https://${yourOktaDomain}/oauth2/default/v1/token")
        .setIssuedAt(Date.from(now))
        .setExpiration(Date.from(now.plus(5L, ChronoUnit.MINUTES)))
        .setIssuer(clientId)
        .setSubject(clientId)
        .setId(UUID.randomUUID().toString())
        .signWith(privateKey)
        .compact();

praviningawale

This is now sorted

We have used Generate JWT policy
Okta has imported Public/private key provided by us.
We have used the private key to generate JWT

View solution in original post

API-Evangelist

Did you get a chance to take a look at below & use apigee provided policies which should be simple to configure & generate as per your needs.

https://docs.apigee.com/api-platform/reference/policies/jwt-policies-overview

if you are interested in java callout (https://docs.apigee.com/api-platform/samples/cookbook/how-create-java-callout) policy you want to take a look at https://github.com/apigee/iloveapis2015-jwt-jwe-jws and make changes.

praviningawale

This is now sorted

We have used Generate JWT policy
Okta has imported Public/private key provided by us.
We have used the private key to generate JWT