This issue was moved to a discussion.
You can continue the conversation there. Go to discussion →
How to Authorize with nested JWT claim generated from Keycloak #1951
Comments
berkslv
changed the title
This issue was moved to a discussion.
You can continue the conversation there. Go to discussion →
I use Keycloak as identity and JWT token provider. I am successfully using JWT tokens generated from Keycloak for Authentication but when it comes to Authorization, Keycloak's JWT token structure cannot be used in Ocelot's
RouteClaimsRequirementfield in ocelot.json because Keycloak's JWT structure is similar to the following and contains many nested attributes. How can I use these nested claims? Is there a feature for this or do I need to develop a custom middleware?{ "exp": 1706600524, "iat": 1706600224, "auth_time": 1706597784, "jti": "4057d8a1-457c-4c48-a877-4d6311cb7437", "iss": "http://localhost:5050/identity/realms/microcommerce", "aud": "account", "sub": "18957315-668b-4bfb-8d57-e67265553029", "typ": "Bearer", "azp": "postman", "session_state": "736a2ddc-7092-4c18-9d36-be2b38d02f94", "acr": "0", "allowed-origins": [ "https://oauth.pstmn.io" ], "realm_access": { "roles": [ "offline_access", "default-roles-microcommerce", "uma_authorization", "customer" ] }, "resource_access": { "account": { "roles": [ "manage-account", "manage-account-links", "view-profile" ] } }, "scope": "openid email profile", "sid": "736a2ddc-7092-4c18-9d36-be2b38d02f94", "email_verified": false, "name": "Berk Selvi", "preferred_username": "berkslv", "given_name": "Berk", "family_name": "Selvi", "email": "example@gmail.com" }The text was updated successfully, but these errors were encountered: