I Have encountered a problem of having Reference to flow variable of a policy
The flow is something like this
Depending on the Diff Oauth provider like ( AWS Azure etc) the Client ID might be contained in different claims
like
jwt.DecodeJWT.claim.client_id
jwt.DecodeJWT.claim.azp
jwt.DecodeJWT.claim.api_key
Now instead of putting condition and separte assign message policy for each auth providers, We thought to put the claim name in KVM ( this requires no change in SF when a new auth server comes). The KVM would look like for example.
Key:AWS Value:client_id
Key:Azure Value:azp
We get this value in variable ID after fetching the claim name. We are trying to use AssignMessage to form the path to fetch the client id.
<AssignVariable>
<Name>ClientID</Name>
<Template>jwt.DecodeJWT.claim.{ID}</Template>
</AssignVariable>
Now when we try to extract the value of ClientID variable it gives the name of the variable that contains the client id, but not the actual client id decoded by the policy.
Is this doable what we are trying to achieve , dynamically creating flow variable getting the reference to them and extracting those value
Yes, it's doable. You may need to use a slightly different way. Eg, use jsonpath. Like this:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<AssignMessage continueOnError="false" enabled="true" name="AM-Extract-ClientID">
<AssignVariable>
<!-- maybe look this up from KVM or otherwise -->
<!- for purposes of the demonstration, we just set it in a variable -->
<Name>clientid_claim_name</Name>
<Value>client_id</Value>
</AssignVariable>
<AssignVariable>
<Name>clientid_jsonpath</Name>
<Template>$.{clientid_claim_name}</Template>
</AssignVariable>
<AssignVariable>
<Name>extracted_client_id</Name>
<Value>BADDBEEF</Value>
<Template>{jsonPath(clientid_jsonpath,jwt.DecodeJWT-1.payload-json)}</Template>
</AssignVariable>
</AssignMessage>
EDIT
After further consideration there is another way to do what you want without resorting to Jsonpath. You can use double curlies... and then the Template element with a ref. This works for me:
<AssignMessage continueOnError="false" enabled="true" name="AM-Extract-Approach2">
<AssignVariable>
<Name>clientid_claim_name</Name>
<Value>client_id</Value>
</AssignVariable>
<AssignVariable>
<Name>variable_name</Name>
<Template>jwt.DecodeJWT-1.claim.{clientid_claim_name}</Template>
</AssignVariable>
<AssignVariable>
<Name>variable_template</Name>
<Template>{{variable_name}}</Template>
</AssignVariable>
<AssignVariable>
<Name>variable_value</Name>
<Template ref="variable_template"/>
</AssignVariable>
</AssignMessage>