Supporting authentication through Zowe JWT token

The JWT secret that signs the JWT token is a private key that is generated during Zowe keystore configuration. To support authentication through JWT, perform the following steps.

About this task

  1. Copy the JWT secret from the API ML installation. For more information, see the Zowe documentation about authenticating with JSON Web tokens.
  2. From the workstation where you installed the Dynamic Workload Console, import the secret into the trust store by issuing the following command from <DWC_DIR>/usr/servers/dwcServer/resources/security:
    keytool -import -alias <my_secret> -keystore TWSServerTrustFile.jks -file <complete_path>/localhost.keystore.jwtsecret.pem
    
    
  3. Edit the <DWC_DIR>/usr/servers/dwcServer/server.xml file as follows:
    1. Add the row <feature>mpJwt-1.1</feature> as shown in the following example:
      <featureManager>
      	    <feature>javaee-7.0</feature>
      		<feature>passwordUtilities-1.0</feature>
      		<feature>localConnector-1.0</feature>
      		<feature>mpJwt-1.1</feature>
          </featureManager>
      
    2. Add the following information:
      <!-- MPJWT configuration -->
      	<mpJwt id="<my_mpJwt>" keyName="<my_secret>"
                 userNameAttribute="sub" ignoreApplicationAuthMethod="false"/>
      
      where:
      <my_mpJwt>
      A unique identifier that you define for the MicroProfile JWT (mpJwt).
      <my_secret>
      The secret that you imported into the trust store at step 2.
  4. Save the server.xml file.