Thursday, October 30, 2014

How to modify JWT to retrieve subscriber details instead of end user - WSO2 API Manager

In WSO2 API Manager, a JWT is generated per API call. To generate it, we use the access token that comes with the request. From this token we retrieve the token owner (the person who generated the token).
Once we have the token owner, we retrieve the claims associated with that user. In this case, however, we need the application owner's details (the person who created the application and subscribed to the API). There is an extension point for implementing a claim retriever.

You can find more information in this document [1]. If you need to generate custom claims based on your requirements, implement a claim retriever class and configure the following parameter [2] in the api-manager.xml configuration file.
Inside our implementation we need to find the application owner and retrieve his claims. First, get the SUBSCRIBER_ID from the AM_APPLICATION table by using the application ID (we already have it in the JWT). Then retrieve the USER_ID from the AM_SUBSCRIBER table by using that SUBSCRIBER_ID. With that USER_ID we can retrieve the claims of the application owner in the same way we do for the end user. Hope this will help you.
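
The two lookups described above, written out as SQL. This is an added example, not code from WSO2 or from the original post: the tables are constructed, reduced copies holding only the columns needed here, the `APPLICATION_ID` column name is an assumption, and all rows are sample data.

```sql
-- Constructed, reduced copies of the two tables named in the post.
CREATE TABLE AM_SUBSCRIBER (
    SUBSCRIBER_ID INTEGER PRIMARY KEY,
    USER_ID       VARCHAR(255) NOT NULL
);

CREATE TABLE AM_APPLICATION (
    APPLICATION_ID INTEGER PRIMARY KEY,   -- column name is an assumption
    SUBSCRIBER_ID  INTEGER NOT NULL
        REFERENCES AM_SUBSCRIBER (SUBSCRIBER_ID)
);

-- Constructed sample rows: two subscribers, one application each.
INSERT INTO AM_SUBSCRIBER (SUBSCRIBER_ID, USER_ID) VALUES (1, 'alice');
INSERT INTO AM_SUBSCRIBER (SUBSCRIBER_ID, USER_ID) VALUES (2, 'bob');
INSERT INTO AM_APPLICATION (APPLICATION_ID, SUBSCRIBER_ID) VALUES (10, 1);
INSERT INTO AM_APPLICATION (APPLICATION_ID, SUBSCRIBER_ID) VALUES (11, 2);

-- Step 1: application id (taken from the JWT context) -> SUBSCRIBER_ID.
SELECT SUBSCRIBER_ID
FROM AM_APPLICATION
WHERE APPLICATION_ID = 10;

-- Step 2: SUBSCRIBER_ID from step 1 -> USER_ID of the application owner.
SELECT USER_ID
FROM AM_SUBSCRIBER
WHERE SUBSCRIBER_ID = 1;

-- Both steps as a single join. Inside the claim retriever the literal 10
-- should be a bound PreparedStatement parameter, never a concatenated string.
SELECT s.USER_ID
FROM AM_APPLICATION a
JOIN AM_SUBSCRIBER s ON s.SUBSCRIBER_ID = a.SUBSCRIBER_ID
WHERE a.APPLICATION_ID = 10;

-- An application id with no matching row returns an empty result;
-- the retriever has to handle that case explicitly before looking up claims.
SELECT s.USER_ID
FROM AM_APPLICATION a
JOIN AM_SUBSCRIBER s ON s.SUBSCRIBER_ID = a.SUBSCRIBER_ID
WHERE a.APPLICATION_ID = 999;
```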

[1] https://docs.wso2.com/display/AM170/Passing+Enduser+attributes+to+the+Backend+Using+JWT
[2] <ClaimsRetrieverImplClass>org.wso2.carbon.apimgt.impl.token.DefaultClaimsRetriever</ClaimsRetrieverImplClass>
