CAC/PIV card users can open a browser to DTP and authenticate automatically via JWT Access Token for OAuth 2.0.CAC/PIV card users can open a browser to License Server and authenticate automatically via JWT Access Token for OAuth 2.0. To set this up, follow the directions below.
...
| Code Block | ||
|---|---|---|
| ||
DTP_JAVA_OPTS=-Dcom.parasoft.oauth2.jwks.uri=<JWKS endpoint> |
To enable authentication via JWT Access Token for OAuth 2.0, follow the directions below appropriate for your distribution.
Self-deployed distribution on Linux
Modify <LSS_INSTALLDIR>/app/setVars.sh by adding the following line:
| Code Block | ||
|---|---|---|
| ||
JAVA_OPTS=-Dcom.parasoft.oauth2.jwks.uri=<JWKS endpoint> |
Self-deployed distribution on Windows
Modify <LSS_INSTALLDIR>/app/setVars.bat by adding the following line:
| Code Block | ||
|---|---|---|
| ||
JAVA_OPTS=-Dcom.parasoft.oauth2.jwks.uri=<JWKS endpoint> |
Web-archive (war) distribution
Add the following to your JVM arguments:
| Code Block | ||
|---|---|---|
| ||
-Dcom.parasoft.oauth2.jwks.uri=<JWKS endpoint> |
Configuring Usernames
When enabled, DTP uses mappings defined in oidc.json to extract usernames from JWT access tokens.When enabled, License Server uses mappings defined in oidc.json to extract usernames from JWT access tokens.Open the oidc.json file located in the <DTP_DATA_DIR>/conf directory to configure usernames.
...
Save your changes and restart DTP services after configuring the file.Save your changes and restart License Server services after configuring the file.
Using APIs in JWT Token Mode
To access DTP or Enterprise Pack APIs when DTP is in JWT token mode, pass an access token to the API endpoint in the request header using the Authorization property. To access License Server or Enterprise Pack APIs when License Server is in JWT token mode, pass an access token to the API endpoint in the request header using the Authorization property. The token is passed using the following format:
...