Hi
i want to send a request from AWS API Gateway for token validation using Lambda to Apigee. The token will generated by Apigee Edge. Is there any solution available to achieve it?
It is pretty standard use case. Assuming you have a token generated in apigee & you will be using lambda (python/nodejs) to validate.
1.Make sure you have required iam policy.
2.The verifier must extract and decode the JWT header and signature from the JWS provided in the Authorization header.
3.Use jwt header - kid value to fetch the coresponding public key from jwks(JSON Web Key Sets) - jwks should be publicly accessible
read more about jwks
https://docs.apigee.com/api-platform/reference/policies/jwt-policies-overview#about-jwks
4.Use the public key to verify.(lot of libraries available which does it for you jsonwebtoken,jose etc)
Hi V
Thanks for your reply, will go through the steps you mentioned.
Can you clarify?
to send a request from AWS API Gateway for token validation using Lambda to Apigee. The token will generated by Apigee Edge.
So Apigee Edge is generating a token. And then somehow your Lambda function is sending a request containing that token, to Apigee. ? Is that right? If Apigee generates the token with GenerateJWT, then I guess Apigee can also verify the token with VerifyJWT. Does this make sense? These are builtin policies. It should be straightforward.
User | Count |
---|---|
1 | |
1 | |
1 | |
1 | |
1 |