Introduction

In this tutorial you will be learning how to request for JWT token to try out an JWT protected API from webMethods Developer Portal try out page.

Pre-requisite

The tutorial assumes that the reader has:

• a basic understanding of API Gateway’s its policy enforcement and webMethods Developer Portal
• a basic knowledge JSON web tokens (https://jwt.io/introduction/ )

In this tutorial the basic details of how to setup API Gateway as JWT Generator & Validator will be covered. But for more details you could refer the following tutorial JWT in API Gateway

Steps to follow

Step 1: Enable HTTPS port in API Gateway

The JWT token request by default could be invoked via https only. To ensure https port is enabled go to Administration → Security → Ports

image1355×425 31.2 KB

Step 2: Configuring JWT in API Gateway

1. Go to Administration page, click on “Security” tab and click on “JWT” section.
2. Under JWT configuration section, Provide “Token issuer” name, “Algorithm”, “Expiry duration”, "Keystore alias informations and click “Save” button.

image2515×800 83 KB

Step 3: Importing an API into API Gateway and Enforcing JWT

Let me import an API to get latest bitcoin price

image1066×504 25.3 KB

image2530×294 30.3 KB

Edit an API in API Gateway. Click Edit. Click Identity and Access management. Click Identify and authenticate icon. Tick JWT. This procedure will enforce JWT authorization for this service.

image2170×771 71.5 KB

JWT can be used only if the https enabled for the service, to do that select https in Transport level policy

image2118×539 36.6 KB

Then Activate an API

image2224×269 24.8 KB

Step 4: Registering webMethods Developer Portal in API Gateway

Go to Administration → Destinations → API Portal → Configurations. Provide the webMethods Developer Portal communication details and Publish. Note the JWT token request would work only on top of https connection. So ensure you provided https URL of API Gateway

image1803×810 58.1 KB

Next publish an API, ensure you have published https endpoint

image1924×676 49.4 KB

Step 5: Request an Application for an API from webMethods Developer Portal

Login to webMethods Developer Portal. You must be seeing the published API. Click the API. Click consume button to request new application

image1865×312 28.5 KB

image1065×672 22.8 KB

The request would create an Application in API Gateway and the credentials would be shared to webMethods Developer Portal

image1487×840 53.3 KB

Step 6: Requesting an JWT and trying out an API

Now we have an Application, to request JWT token go to tryout page of an API and select an Application,

image2066×687 39.5 KB

Click ‘+’ button. Provide username and password and then Get token

image2282×744 49.9 KB

Now you will be able to view the token in webMethods Developer Portal. Now if you hit the send button you will be able to access the API

image1548×675 40.7 KB

image1508×654 24 KB