Index | Prev | Next

Adding a JwksTrustMapping

This procedure describes how to add JwksTrustMapping to a station.
Prerequisites: You know URL of the token issuers key service. You know the value for the Token issuer “iss” property ( provided by the Developer/Integrator during JwksTrustMapping configuration).The CloudAuthenticationScheme has been installed.
  1. In the Nav pane, under the AuthenticationService, expand CloudAuthenticationSchemes > CloudAuthenticationScheme > TrustManager.
  2. From the nCloudDriver palette drag a JwksTrustMapping component to the Trust Manager node in the CloudAuthenticationScheme in the Nav tree.
  3. Right-click the newly added JwksTrustMapping component and click Views > AX Property Sheet.
    The Jwks Trust Mapping Property Sheet opens.
    Image
  4. In the App Id property, enter the Honeywell Forge application ID.
    This value is required.
  5. In the Expected Jwt Audience property, enter the value of the Token audience “aud” property.
    By default, this value is “Cloud Driver”, but you may change it to match the value present in the JWT for those providers that do not have a fully configurable audience property. For example, Salesforce prepends the Salesforce application ID (not to be confused with the Honeywell Forge application ID) onto the audience.
  6. In the Expected Jwt Issuer property, enter the value of the Token issuer “iss”.
    This is typically the URL of the user identity provider.
  7. In the Jwks Endpoint property, enter the URL of the token issuer’s key service.
  8. To save the JwksTrustMapping Property Sheet settings, click Save.
    Jwks trust mapping is now available and the station is configured to receive commands.

Related Links

  • Configuring the station to receive commands (Parent Topic)

    • Index | Prev | Next