Get Header and Payload from a DecodeJWT

gustavoolmedofo · 01-18-2019 12:40 PM

Hello, I have a policy that is decoding the JWT from a request. Now I want to use the Header and the Payload that I got in another policy, there is any way that I can do that? Can I store the decodedJWT result in a variable and access it from another policy?

sidd-harth

Hi @Gustavo Adolfo Olmedo, yes we can get the Header and Payload in flow variables and can be used in other policies/conditions.

Each policy in Apigee populates flow variables, you can get the details of these flow variables from the documentation page or you can also see them in the Trace Session,

https://docs.apigee.com/api-platform/reference/policies/decode-jwt-policy#flow-variables

header.kid
header.algorithm
header.type
header.name
header-json

payload-json
payload-claim-names

These variables can be be after DecodeJWT policy.

gustavoolmedofo

Hi Siddharth yes I tought on that, but if I add a new step with a custom javascript policy and I try to access to the jwt.{policy_name}.{variable_name} or context.jwt.{policy_name}.{variable_name} I got undefined.

sidd-harth

In JS we can use context.getVariable,

context.getVariable() - Retrieves the value of a pre-defined or custom variable.

context.setVariable() - Sets the value for a custom variable or for any writable pre-defined variables.

var jwtHeader = context.getVariable("header-json");
var jwtPayload = context.getVariable("payload-json");
var any_modifications = jwtHeader + jwtPayload;
context.setVariable("modifiedVariable", any_modifications);

https://docs.apigee.com/api-platform/reference/javascript-object-model#contextobjectreference