I want to know the best practice/approach and how to handle case below,
Integration Server consume the third party services and those service are protected by jwt. This implementation require in the integration server instead of APIGW.
I need to get JWT token by calling the vendor login resource passing username and password only incase token expired. In next business service call will pass the that token in request header.
Where to store username and password and how to get this for generating the token?
Where to store the above token and how to validate token expiry is valid or not before to call next business service call?