
Authentication using JWT in SAP API Management

faisaljamal1

Hello Experts,

We are in the process of implementing OAuth (client credentials based) authentication for API proxies using the JWT verify policy in SAP API Management, as described in this post. We used Entra ID as the IdP. We have been able to successfully implement and test it, but we have an observation.

We noticed during testing that a token fetched for the app registered for the Dev environment also works for authenticating with the API proxy in the SAP APIM Test environment, which is most likely because both APIs (dev and test) are registered in a common Entra ID.
But is this how it should work? Is there a way to ensure that a token fetched for an API in one environment does not work for APIs in another environment?

Any inputs will be appreciated. Thanks!

Regards,

Faisal
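
The behaviour described in the question, as an added example that is not part of the original post: when one IdP issues tokens for both environments, signature and issuer are identical, so only a per-environment check of the `aud` claim separates them. Assumptions: the dev and test APIs have distinct audience values, and HS256 with a constructed key stands in for the IdP's real signing key so the code runs with the standard library; all names and values are hypothetical.

```python
import base64, hashlib, hmac, json, time

# Constructed stand-ins: a shared HS256 key replaces the IdP's signing key.
IDP_KEY = b"constructed-demo-key"
ISSUER = "https://idp.example/tenant-id/v2.0"  # hypothetical issuer
AUD_DEV = "api://orders-dev"                   # hypothetical audience values
AUD_TEST = "api://orders-test"

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def issue(aud: str, ttl: int = 300) -> str:
    """Mint a token the way the shared IdP would for one registered API."""
    header = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    claims = {"iss": ISSUER, "aud": aud, "exp": int(time.time()) + ttl}
    body = _b64(json.dumps(claims).encode())
    sig = hmac.new(IDP_KEY, f"{header}.{body}".encode(), hashlib.sha256).digest()
    return f"{header}.{body}.{_b64(sig)}"

def verify(token: str, expected_aud=None) -> bool:
    """Proxy-side check. expected_aud=None models a policy with no audience pin."""
    try:
        header, body, sig = token.split(".")
        if json.loads(_unb64(header)).get("alg") != "HS256":
            return False
        good = hmac.new(IDP_KEY, f"{header}.{body}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(good, _unb64(sig)):
            return False
        claims = json.loads(_unb64(body))
    except (ValueError, TypeError, AttributeError):
        return False
    if claims.get("iss") != ISSUER or claims.get("exp", 0) <= time.time():
        return False
    if expected_aud is None:
        return True  # signature and issuer alone: any environment's token passes
    aud = claims.get("aud")
    audiences = aud if isinstance(aud, list) else [aud]
    return expected_aud in audiences

def demo():
    """Dev token against: no audience pin, Test proxy pin, Dev proxy pin."""
    dev_token = issue(AUD_DEV)
    return verify(dev_token), verify(dev_token, AUD_TEST), verify(dev_token, AUD_DEV)
```

`demo()` returns `(True, False, True)`: the dev token is accepted wherever the audience is not pinned and rejected by a proxy that expects the test audience.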

 

Accepted Solutions (0)

Answers (0)