Configuring access token signature validation

By default, the access token signatures of the request payloads sent to Developer Portal are not validated. You can enable the validation by adding a configuration in the dpo_wrapper.config file.

Procedure

  1. Go to the location InstallDir/DeveloperPortal/configuration and open the dpo_wrapper.conf file to edit the same.
  2. Add the following entry:
    wrapper.java.additional.2150=Dcom.softwareag.portal.umc.token.signature.enabled=true
  3. Save the changes.
  4. Restart Developer Portal for the changes to take effect.
    When you enable this configuration, and if the signature part is not included in a request payload then the authentication failed and the 401 Unauthorized status appears for such API calls.