OAM Mobile & Social Access Token Encryption (Doc ID 2157931.1)

Last updated on MARCH 08, 2017

Applies to:

Oracle Mobile and Social - Version 11.1.2.2.0 and later
Information in this document applies to any platform.

Symptoms

In Toyota Motor Sales (TMS) environment, Enterprise Internet Gateway (EIG) is policy enforcement point and customer wants to have EIG validate the signature on Access token so that it does not have to make a trip to OAM MS for validation of tokens. The tokens are JWT tokens but are signed by OAM MS using some private key. Customer wants to find out the key which is being used, so that Toyota can give the public key to EIG for it to validate the signature.

Customer wants to avoid an unnecessary hop of EIG sending the request to OAM Mobile and Social for token validation and instead EIG can validate the token itself by verifying the signature.

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms