Question
JWT Processing using pxProcessJWT - Custom Authentication
Hi,
For a new project we are looking into the Pega rules used for processing an already externally generated Json Web Token (JWT).
From Pega perspective we provide a processing-service where the external party authorizes using the JWT which we want to check using the Tokenprofile and the related activity pxProcessJWT
So far I found the following help link.
My Question:
What and where should we configure this activity for checking the JWT validity? In the custom authentication part on the service Package?
Pega version 7.3.1
Hi,
We have a similar requirement, and we do the authentication in the Service activity Step #1 . If the validateJWT function returns false, it means the token was not validated, and you can then return an "Ïnvalid Token" error back to the consumer.