Liberty Repository[8.5.5.4 or later]
This topic applies to WebSphere Application Server Liberty V8.5.5.9 and earlier. For the latest Liberty topics, see the WebSphere Application Server Liberty documentation.

Configuring an OpenID Connect Provider to accept JSON Web Tokens (JWT) for authorization grants

You can configure a Liberty server that acts as an OpenID Connect Provider to accept a JSON Web Token in exchange for an access token.

About this task

You can configure a Liberty server that acts as an OpenID Connect Provider to accept JSON Web Tokens by enabling the openidConnectServer-1.0 and ssl-1.0 features, in addition to other optional configuration information.

Procedure

  1. Ensure the ssl-1.0 and openidConnectServer-1.0 features are included in the feature manifest in the server.xml file.
    <featureManager>
        <feature>ssl-1.0</feature>
        <feature>openidConnectServer-1.0</feature>
    </featureManager>
  2. Optional: Configure a jwtGrantType element inside of the appropriate oauthProvider element. The jwtGrantType element is optional. If no jwtGrantType element is included, the default values for all attributes are used; for example:
    <oauthProvider id="OAuthConfigSample" ...>
        <jwtGrantType clockSkew="5m" iatRequired="false" tokenMaxLifetime="120m" maxJtiCacheSize="10000"/>
        ...
    </oauthProvider>

    For more JWT configuration options, see the section for the jwtGrantType element in the **** MISSING FILE **** topic.


Icon that indicates the type of topic Task topic



Timestamp icon Last updated: Tuesday, 12 December 2017
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=phil&product=was-libcore-mp&topic=twlp_config_jwttoken
File name: twlp_config_jwttoken.html