How to validate and extract details from a JWT token generated by an OAuth server (could be Okta) at both Edge and Micro Gateway?

We are using both Edge for external applications and MG for internal applications requiring access to APIs. However, the accessToken will be generated by the OAuth server on-premise (Ping) or Okta, irrespective of where the call comes from (internal or external). So if the accessToken is generated by Okta, can it be validated with the public key at both the Edge and MG level to grant access to APIs? Are there other (more secure) options to validate and extract information from the accessToken? Assume we have 2-way TLS enabled between Edge and MG.

3 REPLIES

Hi @SirishaPulivarthi, please add a few more details to your question.

I am only answering about Edge. I am not sure about Microgateway.

We have some docs on Okta & Apigee integration. Please have a look at:

https://github.com/apigee/apigee-okta

https://community.apigee.com/articles/28752/apigeeokta-integration-resource-owner-password-gra.html

This has been described. Search the archives. You will find the answers.

Former Community Member

Yes, MG can validate JWT tokens issued by Okta/Ping. See this plugin. If the Okta/Ping JWT contains a claim which is also the Apigee API Key/client_id, then MG will also enforce API Product entitlements.