Access Token for JWT_BEARER grant type

3.5.4 Access Token for JWT_BEARER grant type

This is the grant type is to achieve the seamless SSO between the different mixes of application. This grant type provides facility to link the mainstream application SSO session with OAuth token.

When the SSO session is generated, JWT User token also generated. The generated JWT user token has the SSO “session_id” as part of its claims. The consumer client application must call OFSLL Authentication API with JWT_BEARER token grant type to get access token to access the protected resource.

Note:

The rules of SSO session are applied to the OAuth Access token.

Sample Request JSON

{
"AuthRequest": {
"Assertion":"eyJraWQiOiJkZWZhdWx0IiwieDV0IjoiYkw5VDI4bHhMQjJ0cW5xd2d4Y0FO
QnotQXZzIiwiYWxnIjoiUlMyNTYifQ.eyJleHAiOjE1NDU2NDQ0NTEsImp0aSI6IlRUS0lsS
DdWR1VyWVhVbHdyZ2lUOWciLCJpYXQiOjE1NDU2NDA4NTEsInN1YiI6Ik9GU0xMU1
VQUiIsInNlc3Npb25faWQiOiJCeW90c2h6LzR3K2hhekVHcnNqWnJBPT1-
bVN2eU5DaEtLa29xTk5tcUIyQkUvM3lOUTBiNENYVWlTQktqWXdlY1JlazdQYXBzajN6a
1pkbnJqYWViOURPbWViRTFBSURocG1QN0tTd1hKUDVFdzRpbmZHTEs1VGlsYldDY
UJWL0VmVkIxQlM5K2FaY1oxQ25oUTV0VVFSU3ciLCJkb21haW4iOiJkZWZhdWx0In0.
NfLQHdh219p2NjzR44q9xgrQ9m6ky1paJ2GpHf2Re8tXjKyiZNFXjYu9Tb78RoX3-
xlsXOdmrRJBMw0_z1vy-
0NrnHkU2fpBrBVdauqsXadCCKFFnkYy8AAJZg2WXyUNmaAcZWPT9z3svcQBHq9OQ
MdrkUvq3WbD91LbS5MA5pOkU8LofMn2j8nisoLRaQ904CXillKPl8jWILXtai-
8hHgz5t62Z-BYis3m1xiWPJ7zEctMRoule5pyFRYHxwudBht3Y9M04uDEQaIAk3d0uiVDup4eFJBt-
Vt1Jt42f5hX28GyQQNu13s-rVAraXYxHGx4hzNZZTlw9EUdDPuEg",
"GrantType" : "JWT_BEARER"
}
}

Mandatory Request Headers

Table 3-4 Mandatory Request Headers

Headers	Expected Value
X-OAUTH-IDENTITY-DOMAIN-NAME	OFSLL_OAUTH_DOMAIN
Authorization	Bearer <Base64encoded value of client credentials>

Sample JSON Response

{
"AuthResponse": {
"Token":
"eyJraWQiOiJPRlNMTF9TU09fVEVTVF9ET01BSU4iLCJ4NXQiOiJjQldCa0pqV2JVdHR
HczFmZFdlYzdteE0tMWsiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwOi8vbXVtMDBja
WUuaW4ub3JhY2xlLmNvbToxNDEwMC9vYXV0aDIiLCJhdWQiOltdLCJleHAiOjE1NDU2
NzQ1NzQsImp0aSI6InZTcE1LVzlheVF2VngxZU5KRUZ1ZVEiLCJpYXQiOjE1NDU2NzA
5NzQsInN1YiI6Ik9GU0xMU1VQUiIsImN1c3RvbWVBdHRyMSI6IkN1c3RvbVZhbHVlIiwic
2Vzc2lvbklkIjoiMzExY2MxOWUtODhkZi00ZDdhLTg5YzQtODFjNmRiMDE5ZDUzfEZqN2
NTcTZQcWlQUVZSNXU4TTNlRVpqbUJEZHVkQm9Hek5sMDBNQkFnS009IiwicmVzU3
J2QXR0ciI6IlJFU09VUkNFQ09OU1QiLCJjbGllbnQiOiJPRlNMTF9CMkJfSkVUX0NMSUV
OVCIsInNjb3BlIjpbIk9GU0xMX1NTT19URVNUX1NFUlZFUl9CMkIuQWNjb3VudERldGF
pbHMiXSwiZG9tYWluIjoiT0ZTTExfU1NPX1RFU1RfRE9NQUlOIn0.guHeG7eZilGWpJhM
WlIpH4K3lbGtM8buuwJPIlk6EengFTeicbfpd0E3qZwp8SYRFuzvw4FX7wCSbbBt2WM9G
4L6uM0NTvZpSTcwUeOljuysMiCmPzQ-
8cSijpM4G55Fb35laulC7eiCNdMtKoH34A2lScX7lamjlpC0u4SV4V-
8cB4VviGtrd_sXIqOfgSadpjrXQatuaRID1at4aNoAGv1Da7E4xrMzy9m41cxHtujSNU2aDx
G73-b2qOJiNZbvfzlaaa2pu1TOOr1ynZDvbe3STsZkAKO1VKFcHzmnYW8Tpqovc6MNd0TPyhNFUJHDBs
PH-nKV_nkFQHyu0_jw",
"Expires_in": 3600,
"TokenType": "Bearer",
"Result": {
"Status": "SUCCESS",
"StatusDetails":
"Token Generated Successfully"
}
}
}

Parent topic: Getting Access Token