Open Kshapova opened 7 years ago
Hi @Kshapova
Thank you for your comment!
I have recently installed and configured LexikJWTAuthenticationBundle on versions 1.10.14 and 2.0.1 using this manual and tried to add some tags to a user from the UI, after which I received the following response:
{"code":401,"message":"JWT Token not found"}
As this behavor is unusual, we will investigate the issue. As I understand, you are using 1.10 version, am I correct? Could you let me know if you had any customizations done for your instance?
For now, I suggest that you upgrade to version 2.0 as a lot of issues with API firewalls have been fixed.
Hi @mkudelya
Yes I am using 1.10 version and I'll upgrade to version 2.0.
We have SSO Gluu connection. This system generate JWT Token and we use it in the header API call, We don't use ORO API Key.
Exemple
GET /api/rest/latest/services HTTP/1.1
Host: xxx-yyy.com
Authorization: Bearer <JWT TOKEN>
Accept: application/json
Hi @Kshapova
Thank you for reporting the issue! We greatly appreciate all contributions to Oro projects.
Hi
I need to replace WSSE API Authentification and add JWT Authentification (with IdToken).
I created a new bundle and added a new JWT firewall
It works fine with the API. But API in ORO js files always need WSSE Authetification. (For exemple in TagBundle when you add a Tag to the Entity: API POST /api/rest/{version}/tags/{entity}/{entityId} )
I added the 2nd firewall for WSSE Api
Is this a good idea? Did anyone have the same situation with double API authentification ?