Forum Discussion

Cirrus

Mar 09, 2022

Authorize request based on JWT group claims with API protection profile

Hello all! I´m trying to figure out a way to authorize requests that have been already authenticated by an Oauth scope step in the per-request policy. Conceptually it sounds quite simple: if a group...

application delivery

security

Ustrum

Cirrus

Jul 08, 2022

In case someone ends up in this thread, eventually got this sorted out with irules (what else?), based on the jwt parser from this post

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

F5 Architecture Track Sessions - AppWorld 2026

DevCentral News

announcement

Appworld2026

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Authorize request based on JWT group claims with API protection profile

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

F5 Networks F5CAB1 Exam - Need Help Regarding Prep

Username is not filled in EdgeClient in the Modern customization

The GSLB pool is providing an incorrect IP to end users

iRule causing requests to be duplicated (sometimes)

Cisco TACACS+ Config on ISE LTM Pair

Related Content

JWT authorization with NGINX Ingress Controller

L7 DoS Protection with NGINX App Protect DoS

F5 API Security: Discovery and Protection

Cookie-based DDoS protection

How To Protect Your Applications from Cross Site Request Forgery (CSRF) with F5 Distributed Cloud

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS