Closed baltes closed 2 weeks ago
@baltes After speaking with the VSP Identity team on a couple of occasions, it seems like there isn't a non-technical/less technical way to retrieve the JWT assertion for the Postman call to our endpoint at this point. I've tried to set up Postman pre-scripts to no avail. I've attempted to use jwt.io which can grant a JWT assertion but you still need the private key and the ability to use some code to generate an expiration date and JTI for the payload.
I think the best we can do is make sure the engineers on the team know how to achieve the JWT assertion so it doesn't rest solely on one person.
@balexandr It looks like this got walked all the way back because of the technical piece. There's still a need for documentation so that people know what steps to take to get access, even if there's a point where they have to ask for help. Is there a draft of that?
@baltes Seems like VSP Identity figured out a way through Postman to get the STS JWT Token. Here is their documentation: https://github.com/department-of-veterans-affairs/va.gov-team/blob/707d8afd0e44447d73fff86894154966523a7005/products/identity/Products/Sign-In%20Service/Engineering%20Docs/Authentication%20Types/Service%20Account%20Auth%20(STS)/postman/postman.md
I tested this out and it works. I exported the collection below. Whoever uses it needs to copy and paste their STAGING PRIVATE KEY and running the token
will output the JWT token and paste that into the status update staging call auth and it should work.
VA.gov Identity - PEGA Service Account Auth (STS).postman_collection.json
Awesome, thanks Bryan.
As a member of the IVC forms team who's not an engineer, I need a guide for getting Postman set up to call the callback API and see the responses.
Acceptance criteria