- Place the org.wso2.carbon.identity.oauth2.grant.jwt-1.0.0.jar downloded from store in the <IS_HOME>/repository/component/dropins directory.
To register the JWT grant type, configure the <IS_HOME>/repository/conf/identity/identity.xml file by adding a new entry under the <OAuth><SupportedGrantTypes> element. Add a unique identifier between the <GrantTypeName> tags as seen in the code block below.
- Restart the server.
Configure the JWT grant type
- Sign in to the WSO2 Identity Server. Enter your username and password to log on to the Management Console.
- In the Identity Providers section under the Main tab of the management console, click Add.
- Give issuer name(which is used to generate the JWT token) as the name for Identity Provider Name and add the Public Certificate for you Identity Provider. See Adding a new identity provider for more information.
- Navigate to the Main menu to access the Identity menu. Click Add under Service Providers.
- Fill in the Service Provider Name and provide a brief Description of the service provider. See Adding a Service Provider for more information.
- Expand the OAuth/OpenID Connect Configuration and click Configure.
- Enter a callback url for example http://localhost:8080/playground2/oauth2client and click Add.
- The OAuth Client Key and OAuth Client Secret will now be visible.
The cURL commands below can be used to retrieve access token and refresh token using a JWT.
You will receive a response similiar to the format below.