You can enable JSON Web Token (JWT) authentication for a managed Informatica Cloud Application Integration API that meets all of the following criteria:
The associated process uses HTTP/SOAP binding.
The associated process uses basic authentication and defines the user groups and users who can access the process service URL at run time.
The associated process is published and exposed as a service.
JWT is an open standard that helps in the secure transmission of information between API consumers and REST web services such as Informatica Cloud Application Integration service APIs.
When you configure JWT authentication, you can generate a token using API Manager or API Portal and use the generated token to invoke the API. API consumers invoke the API by passing the token as a bearer token in the HTTP Authorization header.
An API token identifies an API by its name and version. If you delete an API and then create an API with the same name, you can continue to use the same token to invoke the API.
You can create groups of managed APIs and then generate a token for the group to use when invoking any JWT authenticated API in the group. You can add or remove APIs from the group.
A group token identifies an API group by its group ID. If you delete a group and then create a group with the same name, you can't continue to use the same group token to invoke APIs in the group. You must create a new token for the group.
If an API that has a token is part of a group that has a group token, you can use either token to invoke the API.
JWT tokens that you create for a managed API apply to the API version for which they are created. When you create a new version of an API where JWT authentication is enabled, generate JWT tokens for it.