I suggest you ...

Sign a JWT with RSA SHA256 in APIM Policy Expression

Provide access to RSACryptoServiceProvider or System.IdentityModel.Tokens.Jwt so that its possible to construct and sign a JWT from a policy expression within Azure API Management.

Right now there's no libraries to help with signing JWTs within a policy in APIM. In scenarios where APIM needs to invoke backend APIs which dictate a security protocol which requires signed JWTs (ex. https://tools.ietf.org/html/rfc7523 on Salesforce) you need a backend API between APIM and your platform just to do the token exchange.

Ref. https://social.msdn.microsoft.com/Forums/azure/en-US/509cc747-101a-4c82-8e19-7b882b1e7fbe/sign-a-jwt-with-rsa-sha256-in-apim-policy-expression?forum=azureapimgmt

1 vote
Vote
Sign in
(thinking…)
Sign in with: Microsoft
Signed in as (Sign out)
You have left! (?) (thinking…)
Andrew Twigg shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

0 comments

Sign in
(thinking…)
Sign in with: Microsoft
Signed in as (Sign out)
Submitting...

Feedback and Knowledge Base