RBAC with JWT containing role
This guide explains how to set up Role-Based Access Control with JWT containing a role claim
To make Aidbox trust a JWT issued by an external server, token introspection is used.
TokenIntrospector
AccessPolicy for the role manager
JWT token
issuer claim should be https://auth.example.com
role additional claim should be manager
expiration claim should be in the future
subject claim can be any value
To get a signed JWT, press the Create Signed JWT button. The generated JWT looks like this
JWT to get the access
Make an HTTP request providing the authorization header with the JWT as a Bearer token.
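The checks that stand between such a Bearer token and access, as an added example that is not Aidbox's code or part of the original guide: signature, issuer, expiration, then the role claim. It assumes an HS256 shared secret (constructed here) and the standard claim names `iss`, `exp` and `sub`; `sign_jwt` and `authorize` are hypothetical helpers.

```python
import base64, hashlib, hmac, json, time

ISSUER = "https://auth.example.com"  # issuer claim from the guide
SECRET = b"constructed-demo-secret"  # assumption: HS256 shared secret, constructed for this example

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign_jwt(claims: dict, secret: bytes = SECRET, alg: str = "HS256") -> str:
    """Build a compact JWT; used here only to construct sample tokens."""
    head = _b64(json.dumps({"alg": alg, "typ": "JWT"}).encode())
    body = _b64(json.dumps(claims).encode())
    sig = hmac.new(secret, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{_b64(sig)}"

def authorize(authorization_header: str, required_role: str = "manager", now=None) -> dict:
    """Return the claims if the bearer token passes every check, else raise PermissionError."""
    now = time.time() if now is None else now
    scheme, _, token = authorization_header.partition(" ")
    if scheme.lower() != "bearer" or token.count(".") != 2:
        raise PermissionError("malformed Authorization header")
    head, body, sig = token.split(".")
    try:
        header, claims = json.loads(_unb64(head)), json.loads(_unb64(body))
        given = _unb64(sig)
    except ValueError as exc:
        raise PermissionError("undecodable token") from exc
    if not (isinstance(header, dict) and isinstance(claims, dict)):
        raise PermissionError("undecodable token")
    # Pin the algorithm: the token must not be able to choose "none" or another scheme.
    if header.get("alg") != "HS256":
        raise PermissionError("unexpected alg")
    expected = hmac.new(SECRET, f"{head}.{body}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, given):  # constant-time comparison
        raise PermissionError("bad signature")
    if claims.get("iss") != ISSUER:
        raise PermissionError("untrusted issuer")
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or exp <= now:
        raise PermissionError("expired or missing exp")
    # Only after the token is proven authentic is the role claim trusted.
    if claims.get("role") != required_role:
        raise PermissionError("role not permitted")
    return claims
```

The role check comes last on purpose: a role read from a token whose signature or issuer has not been verified is attacker-controlled input.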
To build JWT use . Mind the claims: