Forum Discussion

Nimbostratus

Jan 04, 2019

APM: OAUTH2 JWT Token with groups claim

Hello and happy new year 😉 We use APM as OAuth Authorization Server to create JWT token for apps. One of our customers wants to use the MicroProfile JWT(MP-JWT) for his application, that needs som...

BIG-IP Access Policy Manager (APM)

Nimbostratus

Bump! Same question on my side, this is actually a mandatory feature.

Any possibility to do json arrays / lists in a claim?

Thanks!

Eric_Chen_12394

Historic F5 Account

Feb 22, 2019

I believe this is possible (at least on <= 14.1) if you use an iRule event. Something like:

¬†

...
set mygroups [ ACCESS::session data get "session.mygroups" ]
append payload {,"mygroups":} "\[$mygroups\]"
...

This is adapted from the example at: https://clouddocs.f5.com/api/irules/ACCESS__oauth.html

¬†

In my AP I have a variable assign with an expression of:

¬†

return {"group1","group2"}

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

APM: OAUTH2 JWT Token with groups claim

Recent Discussions

APM with EntraID as idP / request signed

Should config via cli rather than gui?

Background Tasks

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

iControl REST Authentication Token Management

APM - translating group SIDs extracted from Kerberos token

set TOKEN [getfield [HTTP::uri]

Certified Kubernetes Administrator - Study Group

APM/OAuth2 : auto apply changes made by discovery

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS