How to validate WSO2 JWT from API Manager within remote backend server? -
i know overview of what's proper way validate jwt @ remote backend server? believe i'd need public key...does api-m expose endpoint obtain public key or extract wso2carbon.jks?
thank you!
wso2 api manager signs jwt private key of keystore , have export above keystore. don't provide endpoint extracting public key.
also, it's highly recommended use own keystore rather 1 shipped wso2 product because keystore common products , released publically.
Comments
Post a Comment