Uploaded image for project: 'Red Hat 3scale API Management'
  1. Red Hat 3scale API Management
  2. THREESCALE-10708

Adding the JWT to the context when the Authorization header is present

XMLWordPrintable

    • Icon: Feature Request Feature Request
    • Resolution: Can't Do
    • Icon: Major Major
    • None
    • 2.14.0 GA
    • Gateway
    • False
    • None
    • False
    • Not Started
    • Not Started
    • Not Started
    • Not Started
    • Not Started
    • Not Started

      Current Behavior

      The JWT token passed in the Authorization header is available in the context ONLY if the product uses oidc as authentication option. Therefore, when app_id/app_key is used as the authentication option for the product, the JWT token passed in an "Authorization" header is not available in the context so it can't be accesed via liquid.

       

      Expected Behavior

      Add the JWT to the context when "Authorization" header is present in the request even if the product is not using oidc as authentication option. This means that OIDC does not need to be configured for the JWT to be accessible via Liquid in the edge limiting policy for example. 

              Unassigned Unassigned
              rhn-support-icaldero Ivan Calderon Clemente
              Votes:
              1 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated:
                Resolved: