Blog Series : JSON Web Tokens (JWT) verification using SAP Cloud Platform API Management

JSON Web Token ( JWT) is an open standard for securely transmitting information as a JSON object. This information can be digitally signed using a secret with HMAC algorithm or a public/private key pair using RSA.  JSON Web Token can be used as OAuth 2.0 Bearer Tokens to encode the relevant part of an access token like user profile, scopes into the access token itself.

The JWT policies of SAP Cloud Platform API Management enables you to generate, verify and decode the JWT token.  In this blog series we would be covering the various policies needed for modeling JWT token verification in SAP Cloud Platform API Management, followed up by testing the JWT token policies against different Identity Providers like SAP Cloud Platform XS UAA, Okta , Azure Active Directory 

Part 1: Modeling the JWT token verification flows in SAP Cloud Platform API Management

Part 2: Configuring JWT token verification flows for Okta Identity Provider

Part 3: Configuring JWT token verification flows for Azure Active Directory

Part 4: Configuring JWT token verification flows for SAP Cloud Platform XS UAA

Part 5: Configuring JWT token verification flows for SAP Customer Data Cloud ( Gigya)

For more blogs on SAP Cloud Platform API Management visit us at SAP Community