Closed kitohe closed 4 months ago
I am no expert, but your client-id seems to be the generic one from the documentation. Did you obtain a specific solteq client_id, as described here https://ehealth-dk.atlassian.net/wiki/spaces/EDTW/pages/2187362305/SAML+Assertion+to+JWT+Exchange#JWT-Client-Authentication
Other than that, Trifork / @jkiddo, would you take a look at this?
Hi Kirstine, thanks for your reply.
Yeah, the client_id in my example is from the documentation, as this is just a generic idea that I was wondering whether it is supported on Trifork.
Regarding fetching our client_id, I cannot find in the documentation you provided how to obtain a client_id. It just says: "The system has a client in Keycloak with a client_id", and I don't know how I can access Keycloak (unless I am looking in the wrong place). Would you be able to provide us with our client_id?
Hi again
I have talked to KL. We are not doing further development at the Gateway, before the end of this project, so Bearer tokens will not be supported at this point. I also talked to Trifork on Friday. They promised to look at your other question as soon as possible.
Hi @kitohe. Your client_id on the TEST001 environment is currently named "solteq-test".
Thank you all. I was able to get the access token so I am closing this issue.
I was wondering whether it is possible to use JWTs instead of SAML assertions to get the gateway access token?
I believe that using SAML assertions could be an issue for companies not using software which doesn't directly support working with SAML, such as .NET Core. Examples on the Kombit website are using .NET Framework 4.8.2 with WCF, support for which does not exist in .NET Core.
Kombit with Serviceplatformen added support for fetching Bearer tokens in 2023 - Section - Adgangsstyring for webservices - Ny version af Security Token Service (https://digitaliseringskataloget.dk/l%C3%B8sninger/adgangsstyring-systemer). Would it be possible to add support to use those tokens in token exchange?
I believe the request would look similar:
Is this approach with JWTs something that would be considered?