-
Feature Request
-
Resolution: Fixed
-
L3 - Default
-
None
-
None
-
Not defined
Problem Definition
User Story
As a user
I want authenticate API calls with a JWT Token
So that the scope of the token is also used to validate it
Use Cases
PM Notes (Customer requests, context, assumptions)
Solution Definition
Solution Ideas
Implement the audience validation for CCSM and Platform mode analogous to SaaS mode. This involves migrating the settings to the correct place in service-config.yaml as well
Instructions for testing:
- Generate a Jwt Token with an optimize Audience
- Start Optimize in Platform/CCSM Mode and provide that audience name with the environment variable CAMUNDA_OPTIMIZE_AUDIENCE or with the configuration$.api.audience
- Perform a public API request with that token and check that authentication was successful
- Start Optimize in Platform/CCSM mode and provide a fake audience name with the environment variable CAMUNDA_OPTIMIZE_AUDIENCE or with the configuration$.api.audience
- Perform a public API request with that token and check that authentication failed
This is the controller panel for Smart Panels app
[OPT-6100] Add scope to the JWT Validation in Platform and CCSM mode
| Link | New: This issue is related to SUPPORT-13387 [ SUPPORT-13387 ] |
| Status | Original: Open [ 1 ] | New: Ready [ 10005 ] |
| Status | Original: Ready [ 10005 ] | New: In Development [ 10312 ] |
| Description |
Original:
h2. Problem Definition
h3. User Story As a user I want authenticate API calls with a JWT Token So that the scope of the token is also used to validate it h3. Use Cases h3. PM Notes (Customer requests, context, assumptions) h2. Solution Definition h3. Solution Ideas h3. Implement the audience validation for CCSM and Platform mode analogous to SaaS mode. This involves migrating the settings to the correct place in service-config.yaml as well h3. Metrics (if applicable) |
New:
h2. Problem Definition
h3. User Story As a user I want authenticate API calls with a JWT Token So that the scope of the token is also used to validate it h3. Use Cases h3. PM Notes (Customer requests, context, assumptions) h2. Solution Definition h3. Solution Ideas h3. Implement the audience validation for CCSM and Platform mode analogous to SaaS mode. This involves migrating the settings to the correct place in service-config.yaml as well h3. Instructions for testing: # Generate a Jwt Token with an optimize Audience # Start Optimize in Platform/CCSM Mode and provide that audience name with the environment variable CAMUNDA_OPTIMIZE_AUDIENCE or with the configuration$.api.audience # Perform a public API request with that token and check that authentication was successful # Start Optimize in Platform/CCSM mode and provide a fake audience name with the environment variable CAMUNDA_OPTIMIZE_AUDIENCE or with the configuration$.api.audience # Perform a public API request with that token and check that authentication failed |
| Assignee | Original: Giuliano Rodrigues Lima [ giuliano.rodrigues-lima ] | New: Joshua Windels [ joshua.windels ] |
| Status | Original: In Development [ 10312 ] | New: In Review [ 10212 ] |
| Assignee | Original: Joshua Windels [ joshua.windels ] | New: Giuliano Rodrigues Lima [ giuliano.rodrigues-lima ] |
| Status | Original: In Review [ 10212 ] | New: Rework [ 11413 ] |
| Assignee | Original: Giuliano Rodrigues Lima [ giuliano.rodrigues-lima ] | New: Cigdem Ilhan [ cigdem.ilhan ] |
| Status | Original: Rework [ 11413 ] | New: In Test [ 10004 ] |
| Fix Version/s | New: 3.8.0 [ 17435 ] |