This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

Configure gateway to accept header with compressed JWT token value

Posted on 02-04-2019 02:20 PM
edwinames
New Member
Reply posted on --/--/---- --:-- AM

Hi,

I'm new to the Apigee Edge Gateway. I'm modifying an existing system that passes a JWT token in the authorization header. We are using the hosted solution -- we don't have access to host server. Our JWT tokens are getting too large. We would like our clients to compress the tokens. The gateway will need to decompress the authorization token before any other processing.

I am currently considering a custom policy to decompress the incoming authorization header. Considering using the gzip js library. Looking for best practices around handling incoming compressed headers.

If I end up coding the decompression myself, I would prefer to use the gateway's gzip js library rather than uploading our own. Is this possible?

Thanks!

Solved Solved
0 2 4,268
Topic Labels
Jump to Solution
0 Likes
1 ACCEPTED SOLUTION

Posted on --/--/---- --:-- AM
edwinames
New Member
Reply posted on --/--/---- --:-- AM

@Dino-at-Google Thanks for your response. Our JWT tokens are getting large enough that the request header size exceeds our server default sizes. Basic testing agreed with your estimates on compression, we found a max 70% size reduction on our JWT claims. We will not pursue compression. For now we are configuring our servers to accept larger headers. Longer term we will look at some kind of scope mapping, quite possibly a client-level scope identifier and might well use your approach.

View solution in original post

Jump to Solution
0 Likes
2 REPLIES 2
Top Solution Authors
View all