I have a microservice with the JWT plugin on Kong OSS. I have this issue: when my bearer JWT token expires, how can I renew or create another token automatically? Does any JWT Signer plugin or JWT renewal exist for Kong OSS?
Greetings. Does somebody have any ideas on how to solve this question? Any experience with this issue?
Related
I am struggling with authentication and passing tokens between services.
I have 3 services: authentication, Service1, and Service2.
They are separated. I am logging into the authentication service, generating the JWT token, and getting the token. What is the best way to implement this so that Service1 and Service2 can get and validate this token? Should I send this token in the HTTP request header? How should I store this token on the client machine, in cookies?
I am working on a Spring Boot application with an API gateway and JWT token authentication. After applying the Spring Security JWT authentication, the gateway route functionality is not working. I am getting a 404 resource not found exception. Please, someone help me find where I am going wrong.
Is there any free provider for .well-known/openid-configuration available so that we can do verification of a JWT token?
You verify JWT tokens using configuration provided by the service which issued the JWT token. The service which issued the tokens and signed them is responsible for providing any public keys needed to verify the JWT. So that service exposes a .well-known/openid-configuration endpoint.
If you are issuing your own tokens then you should be in possession of everything needed to verify them.
I have a Kubernetes cluster and I have my application deployed in the pods. There is an endpoint URL of my application which I use to send POST requests from Postman. I need to provide some level of authentication to my URL. I read about service account authentication using the JWT token.
How can I achieve the same feature in Postman?
I tried creating a new service account and took the secret and the associated JWT token as the Bearer token in Postman. But it is not giving any kind of authentication.
https://medium.com/better-programming/k8s-tips-using-a-serviceaccount-801c433d0023
I can't directly answer your question, but what comes to my mind is that Istio supports token-based end-user authentication with JSON Web Tokens.
You should understand I haven't tried to do that, but this looks very promising to me: Istio End-User Authentication for Kubernetes using JSON Web Tokens (JWT) and Auth0
And to test the JWT-based authentication and authorization workflow they use exactly Postman, as you prefer.
I haven't touched AAD before, but I have to use it to authenticate users for my REST service.
I have a mobile client that can authenticate a user on AAD with OAuth2. As a result it has a bearer token.
The mobile client should use this bearer token as a parameter in a request to the protected REST service.
The REST service is a Java-based application (spring-boot) and it was registered in AAD as a Web application, but I cannot find a way for it to connect to AAD to check whether the token is valid or not.
I expected to have something like a /oauth2/check_token endpoint that can take a token value and return user data, but I didn't find anything.
Is it possible to use AAD to authenticate users for third-party applications and, if yes, how to do it?
The token issued by AAD is a signed JWT token. You do not need to communicate with AAD to verify the token is valid. If you trust the issuer (AAD) and the token is valid (correct audience, valid signature, not expired etc.), you accept the claims in the token.
See this article for the steps to validate the JWT token.
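The checks listed in the answer above (trusted issuer, correct audience, valid signature, not expired), as an added Python example that is not from the answer or from AAD. It verifies an RS256 token offline with the standard library only; the key built from two Mersenne primes, `mint`, the issuer URL and the audience name are constructed for the demo, and a real service would take the issuer's published public key and normally use a maintained JWT library.

```python
import base64, hashlib, hmac, json, time

# Constructed demo key (assumption); a real service uses the (N, E) its issuer publishes.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537      # two Mersenne primes, fine for a demo only
N, D = P * Q, pow(E, -1, (P - 1) * (Q - 1))  # D is private: used only to mint samples
K = (N.bit_length() + 7) // 8                # signature length in bytes
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")

def b64e(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def b64d(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def emsa(message):
    # EMSA-PKCS1-v1_5 encoding of SHA-256(message), padded to the modulus length
    t = SHA256_PREFIX + hashlib.sha256(message).digest()
    return b"\x00\x01" + b"\xff" * (K - len(t) - 3) + b"\x00" + t

def mint(claims):
    # Issuer side, present only so the example has a correctly signed token to check
    head = b64e(json.dumps({"alg": "RS256", "typ": "JWT"}).encode())
    signing_input = head + "." + b64e(json.dumps(claims).encode())
    sig = pow(int.from_bytes(emsa(signing_input.encode()), "big"), D, N)
    return signing_input + "." + b64e(sig.to_bytes(K, "big"))

def validate(token, issuer, audience, now=None):
    """Return the claims if every check passes; raise ValueError otherwise."""
    h, p, s = token.split(".")
    header, sig = json.loads(b64d(h)), b64d(s)
    if not isinstance(header, dict) or header.get("alg") != "RS256":
        raise ValueError("unexpected alg")   # pin the algorithm; the header must not choose it
    recovered = pow(int.from_bytes(sig, "big"), E, N).to_bytes(K, "big")
    if len(sig) != K or not hmac.compare_digest(recovered, emsa(f"{h}.{p}".encode())):
        raise ValueError("bad signature")
    claims = json.loads(b64d(p))             # read claims only after the signature holds
    now = time.time() if now is None else now
    aud = claims.get("aud")
    if claims.get("iss") != issuer:
        raise ValueError("untrusted issuer")
    if audience not in (aud if isinstance(aud, list) else [aud]):
        raise ValueError("wrong audience")
    if not isinstance(claims.get("exp"), (int, float)) or claims["exp"] <= now:
        raise ValueError("expired")
    return claims

if __name__ == "__main__":
    token = mint({"iss": "https://issuer.example", "aud": "orders-api", "exp": time.time() + 300})
    print(validate(token, "https://issuer.example", "orders-api"))
```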