Forum Discussion
Matt_Dierick
Mar 28, 2023Employee
Hi,
If I understand correctly, APM is set as Client and RS. It means APM will redirect the user to your AS in order to authenticate and get a token (Client role). Which grant is set in your AS ? Authorization code grant ?
Then APM will validate the JWT token (RS role).
By default, APM uses JWT-BEARER as insertion type, and JWT signed (not encrypted by default)
- awan_mMar 28, 2023Cirrus
Thanks for the response
for openidconnect - i have setup flow type as Hybrid - and Hybrid response type as code-idtoken-token
my identity provider is forgerock asn the attached image shows teh flow