How to Use JWT in the API Portal

How to Use JWT in the API Portal to do API requests.

---

Use JWT for Authorization in the Portal

First, generate a fresh JWT and copy the public access token.

Run the following command using curl and jq to get your access token.

Keycloak

CLI

curl -s \
--data-urlencode 'username=jane.doe' \
--data-urlencode 'password=&MY-SECURE-PASSWORD' \
--data-urlencode 'grant_type=password' \
--data-urlencode 'client_id=jwt-demo' \
https://$KEYCLOAK-URL/realms/keycloak-demo/protocol/openid-connect/token | jq .access_token
"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2OTk1MTg5NDYsImlhdCI6MTY5OTUxODY0NiwianRpIjoiN2U5ZTUxYjQtN2M5Ny00MjdiLWIyZWMtYzA1NGIyMGFiMDMwIiwiaXNzIjoiaHR0cHM6Ly9rZXljbG9hay5leGFtcGxlLmlvL3JlYWxtcy9rZXljbG9hay1kZW1vIiwiYXVkIjoiYWNjb3VudCIsInN1YiI6IjM0MTYwNWIyLWU0NGItNGNkMC1hNDZjLWEwNjMzNWFhYTVkYiIsInR5cCI6IkJlYXJlciIsImF6cCI6Imp3dC1kZW1vIiwic2Vzc2lvbl9zdGF0ZSI6IjU2MDQwZmE3LTJiZjQtNGRhZi05YjhhLWEzZjRmZjhhZWM3MSIsImFjciI6IjEiLCJhbGxvd2VkLW9yaWdpbnMiOlsiLyoiXSwicmVhbG1fYWNjZXNzIjp7InJvbGVzIjpbImRlZmF1bHQtcm9sZXMta2V5Y2xvYWstZGVtbyIsIm9mZmxpbmVfYWNjZXNzIiwidW1hX2F1dGhvcml6YXRpb24iXX0sInJlc291cmNlX2FjY2VzcyI6eyJhY2NvdW50Ijp7InJvbGVzIjpbIm1hbmFnZS1hY2NvdW50IiwibWFuYWdlLWFjY291bnQtbGlua3MiLCJ2aWV3LXByb2ZpbGUiXX19LCJzY29wZSI6Imdyb3VwcyBlbWFpbCBwcm9maWxlIHVzZXJfaWQiLCJzaWQiOiI1NjA0MGZhNy0yYmY0LTRkYWYtOWI4YS1hM2Y0ZmY4YWVjNzEiLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwibmFtZSI6IkphbmUgRG9lIiwiZ3JvdXBzIjpbInN1cHBvcnQiXSwicHJlZmVycmVkX3VzZXJuYW1lIjoiamFuZS5kb2UiLCJnaXZlbl9uYW1lIjoiSmFuZSIsImZhbWlseV9uYW1lIjoiRG9lIiwiZW1haWwiOiJqYW5lLmRvZUB0cmFlZmlrLWFpcmxpbmVzLmlvIn0.3NcJ3sbItZmPLe6ZAome17yT-50MM6mjumeh9ROvNfE"

Okta

CLI

curl -L -s -X POST 'https://$your-okta-org/oauth2/$authorization-server-id/v1/token' \
-H 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode '[email protected]' \
--data-urlencode 'password=$your-secure-password' \
--data-urlencode 'grant_type=password' \
--data-urlencode 'scope=openid' \
--data-urlencode 'client_id=$your-client-id' | jq .access_token
"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ2ZXIiOjEsImp0aSI6IkFULkZxUXZ4dzN1TmY5WWVLUXNadkluMWxROE9oUWNMM2ZwV2p4eEh6WFFXRVIiLCJpc3MiOiJodHRwczovL2Rldi1leGFtcGxlLm9rdGEuY29tL29hdXRoMi9hdXNkOHNsbmRpYVNnMXY0MTIzNCIsImF1ZCI6ImFwaTovL2h1YiIsImlhdCI6MTcwMDcyNzExOCwiZXhwIjoxNzAwNzMwNzE4LCJjaWQiOiIwb2FkOWZrbW81NjRUM2pSMzVlNiIsInVpZCI6IjAwdWRnZTJmcjBPcThJTXFLNWU2Iiwic2NwIjpbIm9wZW5pZCJdLCJhdXRoX3RpbWUiOjE3MDA3MjcxMjEsInN1YiI6ImphbmUuZG9lQHRyYWVmaWstYWlybGluZXMuaW8iLCJncm91cHMiOlsiRXZlcnlvbmUiXX0.8LHqpNnh-JxX-mb7YyTLPhnxYtSxSjQIWXIxmcsG6qA"

Second, copy the access token, this is everything between "".

Keycloak

Token example

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2OTk1MTg5NDYsImlhdCI6MTY5OTUxODY0NiwianRpIjoiN2U5ZTUxYjQtN2M5Ny00MjdiLWIyZWMtYzA1NGIyMGFiMDMwIiwiaXNzIjoiaHR0cHM6Ly9rZXljbG9hay5leGFtcGxlLmlvL3JlYWxtcy9rZXljbG9hay1kZW1vIiwiYXVkIjoiYWNjb3VudCIsInN1YiI6IjM0MTYwNWIyLWU0NGItNGNkMC1hNDZjLWEwNjMzNWFhYTVkYiIsInR5cCI6IkJlYXJlciIsImF6cCI6Imp3dC1kZW1vIiwic2Vzc2lvbl9zdGF0ZSI6IjU2MDQwZmE3LTJiZjQtNGRhZi05YjhhLWEzZjRmZjhhZWM3MSIsImFjciI6IjEiLCJhbGxvd2VkLW9yaWdpbnMiOlsiLyoiXSwicmVhbG1fYWNjZXNzIjp7InJvbGVzIjpbImRlZmF1bHQtcm9sZXMta2V5Y2xvYWstZGVtbyIsIm9mZmxpbmVfYWNjZXNzIiwidW1hX2F1dGhvcml6YXRpb24iXX0sInJlc291cmNlX2FjY2VzcyI6eyJhY2NvdW50Ijp7InJvbGVzIjpbIm1hbmFnZS1hY2NvdW50IiwibWFuYWdlLWFjY291bnQtbGlua3MiLCJ2aWV3LXByb2ZpbGUiXX19LCJzY29wZSI6Imdyb3VwcyBlbWFpbCBwcm9maWxlIHVzZXJfaWQiLCJzaWQiOiI1NjA0MGZhNy0yYmY0LTRkYWYtOWI4YS1hM2Y0ZmY4YWVjNzEiLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwibmFtZSI6IkphbmUgRG9lIiwiZ3JvdXBzIjpbInN1cHBvcnQiXSwicHJlZmVycmVkX3VzZXJuYW1lIjoiamFuZS5kb2UiLCJnaXZlbl9uYW1lIjoiSmFuZSIsImZhbWlseV9uYW1lIjoiRG9lIiwiZW1haWwiOiJqYW5lLmRvZUB0cmFlZmlrLWFpcmxpbmVzLmlvIn0.3NcJ3sbItZmPLe6ZAome17yT-50MM6mjumeh9ROvNfE

Okta

Access token example

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ2ZXIiOjEsImp0aSI6IkFULkZxUXZ4dzN1TmY5WWVLUXNadkluMWxROE9oUWNMM2ZwV2p4eEh6WFFXRVIiLCJpc3MiOiJodHRwczovL2Rldi1leGFtcGxlLm9rdGEuY29tL29hdXRoMi9hdXNkOHNsbmRpYVNnMXY0MTIzNCIsImF1ZCI6ImFwaTovL2h1YiIsImlhdCI6MTcwMDcyNzExOCwiZXhwIjoxNzAwNzMwNzE4LCJjaWQiOiIwb2FkOWZrbW81NjRUM2pSMzVlNiIsInVpZCI6IjAwdWRnZTJmcjBPcThJTXFLNWU2Iiwic2NwIjpbIm9wZW5pZCJdLCJhdXRoX3RpbWUiOjE3MDA3MjcxMjEsInN1YiI6ImphbmUuZG9lQHRyYWVmaWstYWlybGluZXMuaW8iLCJncm91cHMiOlsiRXZlcnlvbmUiXX0.8LHqpNnh-JxX-mb7YyTLPhnxYtSxSjQIWXIxmcsG6qA

Portal UI

1. Choose the API you want to use, this example uses the Ticket API.
2. Second, select the endpoint you want to use.
3. Third, choose the authorization type for the API and add your API key. Bearer token: The JWT token is included in the request header. API key: You send the JWT token to the API as query parameter.
4. Paste your JWT token.
5. Set the limit.
6. Select Send API Request.
7. View the output

https://dev.example.com/apis/customer-api@traefik-airlines#/