JWT Claim Set

Uday_Himmath1 · April 8, 2019, 8:27am

Hello All,

I have created an API and plan to give access to the API based on the JWT token claims.
JWT Claims are issued by an Identity Provider which has list of values in one of the custom claim.
Eg: “role”: [ admin, productadmin, productuser, normaluser]

How can I validate the incoming JWT token if user has following roles give access to the API otherwise throw error.

I have already completed with below activities

The JWT issuers configuration done properly.
Certificate issuer mapping done.
audience values and the necessary API level policies are applied properly.
Created an application subscribing to the API
Tested with sub and role with one value works fine.

But I am facing issue to validate the claim has multiple values.I have tried claim set also but no luck.

Please suggest me if I am missing something.

Thanks,
Uday

system · April 8, 2019, 11:48am

Hi Uday,
API Gateway doesn’t support it. We have in the pipeline to enhance it.

franklinantony · October 29, 2020, 8:02am

Does the gateway support an array of claims now ? eg “role”: [ admin, normal, guest]

Topic		Replies	Views
Jwt claim set validation webMethods , API-Management , API-Gateway	2	425	April 6, 2024
Securing APIs using JSON Web Token in API Gateway and get claims from Application specifique webMethods , API-Management , API-Gateway	3	822	September 26, 2022
webMethods API Gateway Q&A - API Gateway Application Claims webMethods , API-Management , API-Gateway , Tuesday-troubleshooting	1	330	October 24, 2023
JWT API Gateway webMethods , API-Management , API-Gateway	5	2032	April 2, 2021
Access API Gateway application Identifier Claim set in IS service. webMethods , API-Management , API-Gateway	5	1997	April 2, 2021

JWT Claim Set

Related topics