Saviynt Forums

jasonreis · ‎07/14/2023

Using the following connection JSON:

{
    "authentications": {
        "acctAuth": {
            "authType": "Jwt",
            "httpParamsName": "jwt_token",
            "jwtConfig": {
                "jwtHeader": {
                    "alg": "RS256",
                    "typ": "JWT"
                },
                "jwtPayload": {
                    "sub": "1234",
                    "aud": "https://xyz.access.securid.com/AdminInterface/restapi",
                    "iat": "${def date = new Date(); date.getTime();}",
                    "exp": "${def date = new Date(); date.getTime() + 120;}"
                },
                "signedAlgorithm": "RS256",
                "key": "asdf",
                "jwtExpiryDuration": 120
            },
            "retryFailureStatusCode": [
                401,
                500,
                400
            ],
            "authError": [
                "SESSION_NOT_VALID",
                "AuthenticationFailed",
                "ExpiredJwtException",
                "401 Unauthorized",
                "401",
                "You couldn't be authenticated"
            ],
            "errorPath": "code",
            "maxRefreshTryCount": 5,
            "tokenResponsePath": "access_token",
            "tokenType": "Bearer",
            "accessToken": "Bearer asdf"
        }
    }
}

Has anyone successfully called RSA SecurID APIs using JWT with a private key? Is Private Key JWT supported?

SB · ‎07/19/2023

Let me check this and will update.

Regards,
Sahil

rushikeshvartak · ‎07/19/2023

Are you using below API doc ?

https://community.rsa.com/t5/securid-cloud-authentication/securid-authentication-api-developer-s-gui...

As per doc private key should work

https://docs.saviyntcloud.com/bundle/REST-v23x/page/Content/Developers-Handbook.htm

Regards,
Rushikesh Vartak
If you find this response useful, kindly consider selecting 'Accept As Solution' and clicking on the 'Kudos' button.

jasonreis · ‎07/20/2023

What would I use for the key? The actual private key file contents? Since I'm using private key JWT, what would I specify for url, as I don't have one? Are those fields okay to leave out?

rushikeshvartak · ‎07/20/2023

keyFile

Use this attribute to specify the absolute path of the keystore which contains the public-private keypair. For example, /saviynt_shared/saviynt/ConnectorFiles/filename.pem.

Regards,
Rushikesh Vartak
If you find this response useful, kindly consider selecting 'Accept As Solution' and clicking on the 'Kudos' button.

SB · ‎07/20/2023

the url value will be the one you use in postman to make the call for token generation. The key value is for the secret key value for auth and in case you do not require for the call, you can remove the param from JSON.

Regards,
Sahil

jasonreis · ‎07/20/2023

Using private key JWT, there isn't a URL being called. Will it work without specifying a URL?

SB · ‎07/20/2023

How do you generate the access token from postman?

Regards,
Sahil

jasonreis · ‎07/20/2023

Postman has support for private key JWT. https://oauth.net/private-key-jwt/

SB · ‎09/05/2023

Can you confirm if you were able to implement this or is being still worked on.

Regards,
Sahil

Saviynt Forums

RSA SecurID JWT with the REST connector help needed