Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.

RSA SecurID JWT with the REST connector help needed

jasonreis
New Contributor II
New Contributor II

Using the following connection JSON:

{
"authentications": {
"acctAuth": {
"authType": "Jwt",
"httpParamsName": "jwt_token",
"jwtConfig": {
"jwtHeader": {
"alg": "RS256",
"typ": "JWT"
},
"jwtPayload": {
"sub": "1234",
"aud": "https://xyz.access.securid.com/AdminInterface/restapi",
"iat": "${def date = new Date(); date.getTime();}",
"exp": "${def date = new Date(); date.getTime() + 120;}"
},
"signedAlgorithm": "RS256",
"key": "asdf",
"jwtExpiryDuration": 120
},
"retryFailureStatusCode": [
401,
500,
400
],
"authError": [
"SESSION_NOT_VALID",
"AuthenticationFailed",
"ExpiredJwtException",
"401 Unauthorized",
"401",
"You couldn't be authenticated"
],
"errorPath": "code",
"maxRefreshTryCount": 5,
"tokenResponsePath": "access_token",
"tokenType": "Bearer",
"accessToken": "Bearer asdf"
}
}
}

Has anyone successfully called RSA SecurID APIs using JWT with a private key? Is Private Key JWT supported?

9 REPLIES 9

SB
Saviynt Employee
Saviynt Employee

Let me check this and will update.


Regards,
Sahil

rushikeshvartak
All-Star
All-Star

Are you using below API doc ?

https://community.rsa.com/t5/securid-cloud-authentication/securid-authentication-api-developer-s-gui... 

As per doc private key should work 

https://docs.saviyntcloud.com/bundle/REST-v23x/page/Content/Developers-Handbook.htm


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

jwt_connection.png

What would I use for the key? The actual private key file contents? Since I'm using private key JWT, what would I specify for url, as I don't have one? Are those fields okay to leave out?

keyFile

Use this attribute to specify the absolute path of the keystore which contains the public-private keypair. For example, /saviynt_shared/saviynt/ConnectorFiles/filename.pem.


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

SB
Saviynt Employee
Saviynt Employee

the url value will be the one you use in postman to make the call for token generation. The key value is for the secret key value for auth and in case you do not require for the call, you can remove the param from JSON.


Regards,
Sahil

jasonreis
New Contributor II
New Contributor II

Using private key JWT, there isn't a URL being called. Will it work without specifying a URL?

SB
Saviynt Employee
Saviynt Employee

How do you generate the access token from postman?


Regards,
Sahil

jasonreis
New Contributor II
New Contributor II

Postman has support for private key JWT. https://oauth.net/private-key-jwt/

jwt_postman.png

SB
Saviynt Employee
Saviynt Employee

Can you confirm if you were able to implement this or is being still worked on.


Regards,
Sahil