Retrieving JWT Token with Claim

About this task

When you retrieve a JWT token for a particular application, the application is authenticated using the application identifiers provided in the request, such as, APIKey, Username, or Host name, and then a token is generated with application ID as a subject.

For example, consider multiple developers using an application to retrieve an access token. In such a scenario, each user can have a claim that can be used to identify the user who made a particular transaction.

Before you begin

You must configure API Gateway as a JWT issuer. If it is not set as a JWT issuer, you can configure it by navigating to Administration> Security> JWT/OAuth/OpenID> JWT Configuration in API Gateway.
You must have an application.

To retrieve a JWT token with claim

Procedure

Open your REST client.
Make a POST call to the following URL, with the hostname of the system where API Gateway is installed in place of localhost:
```
http://localhost:5555/gateway/security/getJsonWebToken
```
Copy the API access key of the application present uder the Application details section.
Pass the access key as an endpoint in the REST client.
Provide your claim identifiers in the Request section:
```
{ "claimsSet": { "identifier": "value"} }
```
For example,
```
{ "claimsSet": { "name": "username", "company": "organization" } }
```
Note: Before invoking this service, ensure that the authorization server is configured and the scope mapping is done.

The access token is displayed in the Response section. The subject claim of the token generated by making a POST call will be the ID of the identified application.
The subject claim of the token generated will be the application ID. The audience will be the value configured in the authorization server preceded with the application ID. The issuer will be the values configured in the authorization server.