Category: JWT verification
-
JWT verification- Digital Transformation with IBM API Connect
Verification of a JWT is an authorization process. It assumes that the JWT presented has been issued to an authenticated client (within the confines of the token’s validity period). Thus, JWT verification concerns itself with ensuring that the client is authorized to access the protected resource and that the JWT has been signed by a…
-
Testing OAuth flow- Digital Transformation with IBM API Connect
Like other OAuth configuration steps, testing the OAuth flow is also a multi-step process. This is due to the nature of multiple interactions between all the parties involved in OAuth processing. Apart from the complexity of the multiple parties, OAuth flow also changes based on the configured grant type in the OAuth provider. You will…
-
Configuring native OAuth providers – Digital Transformation with IBM API Connect
Just what is an OAuth provider? An OAuth provider is a service provider that provides authorization services via an Authorization Server to the Resource Owner (typically the end user) and to the Client (typically the applications trying to access the Resources on the resource owner’s behalf). An OAuth provider is a third party that is…
-
Introducing the LDAP user registry – Digital Transformation with IBM API Connect
Most corporations maintain their system login credentials (employee, applications) in an LDAP repository. They do this for multiple good reasons, such as the systematic organization of records in a hierarchical structure, data security, and platform neutrality. For such scenarios, APIC supports an LDAP user registry type. Creating an LDAP user registry requires many details and…
-
Creating a user registry – Digital Transformation with IBM API Connect
You can create a new user registry by logging in to the API Manager and navigating to Home | Manage resources | User registries | Create. You will be presented with the screen shown in Figure 7.3: Figure 7.3 – Selecting a new user registry type As shown in Figure 7.3, there are four types…
-
Updating the Evidence API with operation-switch – Digital Transformation with IBM API Connect-2
As you can see, operation-switch shows readable cases so that you can understand what they will be doing. We can make it more readable by changing the invoke policy to a more descriptive name. To do so, perform the following steps: Figure 6.58 – Updating the title from invoke to get Evidence by id After…
-
The If and Switch logic policy – Digital Transformation with IBM API Connect-2
7. Drag an invoke policy from the left pane and drop it on the line below Otherwise: Figure 6.28 – Dragging an invoke policy and dropping on the line 8. Now, you will update the properties for the invoke policy to specify the URL and patient ID to act as our default test user. In…
-
Applying logic policies to your FHIR API – Digital Transformation with IBM API Connect
When you were working within the Gateway policies, you may have noticed the logic policies that were listed in the left panel under Logic. While the options are specific to conditional operation, the Throw policy is also provided for conditional error handling. Depending upon the gateway, the number of options differs. Actually, the logic policies…
Recent Posts
- Adding additional security measures- Digital Transformation with IBM API Connect
- JWT verification- Digital Transformation with IBM API Connect
- Using JWT policies- Digital Transformation with IBM API Connect
- OAuth flow changes- Digital Transformation with IBM API Connect
- Implementing OpenId Connect (OIDC)- Digital Transformation with IBM API Connect
Tags
There’s no content to show here yet.