Configuring Self-Contained Access Token Validation

New Information

Progress Application Server for OpenEdge : Authentication with OAuth2 and JWT : Configuring a PASOE Web Application as an OAuth2 Resource Server : Configuring Self-Contained Access Token Validation

This section outlines the properties used to validate the additional claims found in a Self-contained Access Token's payload.

An OAuth2 Access Token's payload must contain a client_id claim that uniquely identifies each type of Resource Server Client.. You are required to configure a Client ID for PAS for OpenEdge when you have configured the OAuth2 service type to be oauth2:

oauth2.resSvc.tokenServices=oauth2
oauth2.resSvc.clientCfg=../oauth2ResSvcClients.cfg

The Resource Server's client configuration is normally found in the oeabl web application WEB-INF/oauth2ResSvcClients.cfg file, and has the following xml element format:

<oauth:client-details-service id="oauth2ResourceClientDetails">
<oauth:client client-id="oeablClient" />
...
</oauth:client-details-service>

Edit the file and change the client-id attribute's value to hold the OAuth2 Client's registered ID.