Problem
Currently, users are required to write a custom key manager each time a new key manager is required.
Proposed Solution
Implement a custom Key Manager connector for WSO2 APIM that supports JWT tokens using an Out-of-Band provisioning model.
Manual Provisioning: This is simply "Client Registration" performed out-of-band, as allowed by the spec.
JWT Validation: We are following RFC 7519. The Gateway validates the iss (issuer) and aud (audience) claims to ensure the token belongs to the mapped application.
Alternatives
No response
Version
apim-4.6.0
Problem
Currently, users are required to write a custom key manager each time a new key manager is required.
Proposed Solution
Implement a custom Key Manager connector for WSO2 APIM that supports JWT tokens using an Out-of-Band provisioning model.
Manual Provisioning: This is simply "Client Registration" performed out-of-band, as allowed by the spec.
JWT Validation: We are following RFC 7519. The Gateway validates the iss (issuer) and aud (audience) claims to ensure the token belongs to the mapped application.
Alternatives
No response
Version
apim-4.6.0