Monday, January 18, 2021

Follow-up to Db2 and JWT: What is JOSE...?

JWT: Encoded or decoded security claims
JWT: Encoded or decoded security claims
Last week, I wrote about Db2 support for JSON Web Tokens (JWT). Today, I have a small follow-up with some reading material on JWT and related topics like JOSE, JWS, JWK as well as OAuth and OpenID Connect.

Some JWT history and standards

The first draft for JSON Web Tokens, JWTs, is already 10 years old. It is from December 2010. The early draft states:

Tuesday, January 12, 2021

Db2 Security: Configure JSON Web Token (JWT) authentication

Db2 login using JWT access token
Db2 login utilizing a JWT
Since V11.5.4, Db2 allows to consume JWT (JSON Web Token). The business case is to support SSO (single sign-on). You can configure Db2 to accept access tokens issued by external Identity Provider (IDPs), including the IBM solutions or open source projects like gluu. V11.5.5 brought some JWT improvements, e.g., support for multiple labels. On a recent Friday, I set up my Db2 Docker container to accept JWTs, not those issued by an external identity service, but my own.