
How to configure different Keys for Consumer & Apigee while encrypting JWT Token?

We have developed an API proxy where the response is a JWT token (the payload is passed in the JWT). Currently it is encrypted with a key saved in a KVM.

For the caller to decrypt the token, we have to share the key with them (which they will use in the end and will never transfer over the network).

But it still has an issue, as someone might get the key from the caller's code or the caller gives it to someone.

How can we have different keys for Apigee and the caller and still do the data exchange (as done in the Diffie-Hellman algorithm), where both sides have different private keys?

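The key arrangement the question asks about, as an added example that is not part of the original post and is not Apigee's own code: a compact JWE using ECDH-ES key agreement (RFC 7518) with A256GCM, where the issuer holds only the caller's public key and the caller keeps its private key. It assumes Node.js's built-in `crypto` module and the P-256 curve; the function names are hypothetical.

```javascript
// Added example: ECDH-ES + A256GCM compact JWE built with Node's crypto module.
const crypto = require('crypto');

const b64u = (buf) => Buffer.from(buf).toString('base64url');
const u32 = (n) => { const b = Buffer.alloc(4); b.writeUInt32BE(n); return b; };

// Concat KDF (RFC 7518 section 4.6.2), one SHA-256 round for a 256-bit key.
// apu/apv are left empty, which is an assumption of this sketch.
function deriveCek(sharedSecret, enc) {
  const algId = Buffer.concat([u32(enc.length), Buffer.from(enc, 'ascii')]);
  const otherInfo = Buffer.concat([algId, u32(0), u32(0), u32(256)]);
  return crypto.createHash('sha256')
    .update(Buffer.concat([u32(1), sharedSecret, otherInfo])).digest();
}

// Issuer side: needs only the caller's PUBLIC key; a fresh ephemeral key per token.
function encryptForCaller(claims, callerPublicKey) {
  const eph = crypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
  const header = { alg: 'ECDH-ES', enc: 'A256GCM', epk: eph.publicKey.export({ format: 'jwk' }) };
  const protectedB64 = b64u(JSON.stringify(header));
  const z = crypto.diffieHellman({ privateKey: eph.privateKey, publicKey: callerPublicKey });
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', deriveCek(z, header.enc), iv);
  cipher.setAAD(Buffer.from(protectedB64, 'ascii'));
  const ct = Buffer.concat([cipher.update(JSON.stringify(claims), 'utf8'), cipher.final()]);
  // Compact form; the encrypted-key part is empty for direct key agreement.
  return [protectedB64, '', b64u(iv), b64u(ct), b64u(cipher.getAuthTag())].join('.');
}

// Caller side: needs only its own PRIVATE key, which never leaves the caller.
function decryptAsCaller(jwe, callerPrivateKey) {
  const [protectedB64, , ivB64, ctB64, tagB64] = jwe.split('.');
  const header = JSON.parse(Buffer.from(protectedB64, 'base64url').toString('utf8'));
  if (header.alg !== 'ECDH-ES' || header.enc !== 'A256GCM') throw new Error('unexpected alg/enc');
  const epk = crypto.createPublicKey({ key: header.epk, format: 'jwk' });
  const z = crypto.diffieHellman({ privateKey: callerPrivateKey, publicKey: epk });
  const decipher = crypto.createDecipheriv('aes-256-gcm', deriveCek(z, header.enc), Buffer.from(ivB64, 'base64url'));
  decipher.setAAD(Buffer.from(protectedB64, 'ascii'));
  decipher.setAuthTag(Buffer.from(tagB64, 'base64url'));
  const pt = Buffer.concat([decipher.update(Buffer.from(ctB64, 'base64url')), decipher.final()]);
  return JSON.parse(pt.toString('utf8'));
}

// Constructed demo: the caller generates the pair and shares only publicKey.
const demoCaller = crypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
const demoJwe = encryptForCaller({ sub: 'constructed-user' }, demoCaller.publicKey);
console.log(decryptAsCaller(demoJwe, demoCaller.privateKey));
```

With this arrangement the issuer stores no decryption secret for the caller, and each caller can be given tokens encrypted to its own public key, so one caller's leaked private key exposes only that caller's tokens.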