- When a user accesses a VIP protected by this policy, JWT and scope validation is performed
- Upon successful authorization, the user is granted access via the Allow Terminal
- If unsuccessful, the user proceeds down the fallback branch and is denied access via the Deny Terminal
Policy Agent Configuration
The OAuth Scope Settings are defined as Internal.
All profile settings are left at the defaults.
Supporting APM Objects
The provider list defines a single provider.
The settings below define all the components of the Authorization Server’s endpoints to retrieve and validate tokens.
JSON Web Token
The JWT settings define the signing algorithms used by a provider with a set of JWKs.
The key settings define a type of key and its properties.
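The decision flow in the bullets at the top of this page and the role of the JWT and key settings can be illustrated with a small validator; this is an added example, not F5 APM code or configuration from this guide. It assumes an HS256 token verified against a symmetric `oct` key so that it runs with the standard library alone, and the key, `kid`, and scope name `api.read` are constructed values.

```python
import base64, hashlib, hmac, json, time

# Constructed sample values (assumptions, not taken from the page's configuration).
ALLOWED_ALGS = {"HS256"}                      # signing algorithms allowed for the provider
JWKS = {"keys": [{"kty": "oct", "kid": "demo-key",
                  "k": base64.urlsafe_b64encode(b"constructed-demo-secret").rstrip(b"=").decode()}]}
REQUIRED_SCOPE = "api.read"                   # hypothetical scope name

def b64url_decode(s):
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def b64url_encode(b):
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode()

def make_token(claims, alg="HS256", kid="demo-key", secret=b"constructed-demo-secret"):
    """Build a sample token as an authorization server would (helper for the demo)."""
    head = b64url_encode(json.dumps({"alg": alg, "typ": "JWT", "kid": kid}).encode())
    body = b64url_encode(json.dumps(claims).encode())
    sig = hmac.new(secret, f"{head}.{body}".encode(), hashlib.sha256).digest() if alg == "HS256" else b""
    return f"{head}.{body}.{b64url_encode(sig)}"

def evaluate(token, now=None):
    """Return 'Allow' only if signature, expiry and scope all validate; otherwise 'Deny'."""
    try:
        head_b64, body_b64, sig_b64 = token.split(".")
        header = json.loads(b64url_decode(head_b64))
        # Reject any algorithm outside the allow-list (covers "none" and substitutions).
        if header.get("alg") not in ALLOWED_ALGS:
            return "Deny"
        # Select the key by kid and key type, as the key settings describe.
        key = next((k for k in JWKS["keys"]
                    if k["kid"] == header.get("kid") and k["kty"] == "oct"), None)
        if key is None:
            return "Deny"
        expected = hmac.new(b64url_decode(key["k"]), f"{head_b64}.{body_b64}".encode(),
                            hashlib.sha256).digest()
        if not hmac.compare_digest(expected, b64url_decode(sig_b64)):
            return "Deny"
        claims = json.loads(b64url_decode(body_b64))
        if claims.get("exp", 0) <= (now if now is not None else time.time()):
            return "Deny"
        # Scope is treated as a space-delimited string claim.
        if REQUIRED_SCOPE not in str(claims.get("scope", "")).split():
            return "Deny"
        return "Allow"
    except (ValueError, KeyError, TypeError, AttributeError):
        return "Deny"   # malformed input takes the fallback branch
```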
The Policy from a user’s perspective
If the user attempts to access https://solution9.acme.com via Postman located on the jumpbox, they are sent to the Authorization Server first for authentication (https://solution8.acme.com). Once authenticated, the POST passes the JWT to https://api.acme.com and the JSON payload is presented.
This solution is designed to be integrated with other Authorization Server based solutions.