Forum Discussion
F5 oAuth Federation with client assertion type = jwt-bearer
Hi -
i am trying to setup user authentication with oAuth and F5 is the Client + Resour provider - that needs to authenticate the user -
Question - the options available are to send clientid and secret to get information
is it possible to use
client_assertion_type | urn:ietf:params:oauth:client-assertion-type:jwt-bearer |
client_assertion | A JWT that the client has signed |
thanks
- Leslie_HubertusRet. Employee
Hi awan_m - have you been able to figure this one out yet? I see nobody in the community had an answer, so I'm trying to find a colleague who can help. Hopefully someone can reply in the mean time!
- awan_mCirrostratus
Thanks for following it up - No i have not succeeded in implementing this solution
i need to generate a JWT and send it to my IDP - thats where i am failing
- Matt_DierickEmployee
Hi,
If I understand correctly, APM is set as Client and RS. It means APM will redirect the user to your AS in order to authenticate and get a token (Client role). Which grant is set in your AS ? Authorization code grant ?
Then APM will validate the JWT token (RS role).
By default, APM uses JWT-BEARER as insertion type, and JWT signed (not encrypted by default)
- awan_mCirrostratus
Thanks for the response
for openidconnect - i have setup flow type as Hybrid - and Hybrid response type as code-idtoken-token
my identity provider is forgerock asn the attached image shows teh flow
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com