hello shobhtyagi!
Could you share some details on how you are securing your application? Are you using Istio? APIRule?

Cheers,
Magda

Hi Magdalena Strek,
I am using APIRule and in access strategy I have provided the JWT and JWKs url

Have you entered a Trusted Issuer as well?

Yes I have entered the trusted issuer

OK, so can you get a token by calling the Trusted Issuer URL with your client ID and client Secret?
And have you tried calling your application with that token as a Bearer header?

Thanks for reply john.barrow it would be helpful if you can point some example or documentation as you mentioned in above comments .. We tried passing bearer token from xsuaa service via postman but its still throwing 401. What do you mean Bearer as header BTW can you share any example?

Ok, I'm doing the same thing, calling a JWT-protected (via XSUAA) Function using Postman.

Hello john.barrow,

The above solution is working for me via postman, I am also getting 200 status for my web url but same thing i want to try with actual business scenarios lets say sharing a url with User which will lead user to login page and after authentication, it should open the actual Kyma web app.

I tried same thing with below approach.

Now what i did , i created a BTP destination with Kyma API Rule URL with XSUAA authentication configs and i am trying it to open via workzone tenant url with dynamic destination approach. but i am not able to open my web app and getting 500 internal server error.

Url we are trying to open app.
http://<workzone launchpad tenant url>/dynamic_dest/KYMAROUTE

Can you guide us what could be the wrong here.

Have you looked at this?
https://blogs.sap.com/2023/10/18/sap-btp-kyma-api-rules-with-destinations-and-a-managed-approuter./

Thanks John This blog was helpful. It worked for me. Thanks a Lot for your help