Communities
A collaborative platform to connect and grow with like-minded Informaticans across the globe
Product Communities
Connect and collaborate with Informatica experts and champions
Discussions
Have a question? Start a Discussion and get immediate answers you are looking for
User Groups
Customer-organized groups that meet online and in-person. Join today to network, share ideas, and get tips on how to get the most out of Informatica
Get Started
Community Guidelines
Knowledge Center
Troubleshooting documents, product guides, how to videos, best practices, and more
Knowledge Base
One-stop self-service portal for solutions, FAQs, Whitepapers, How Tos, Videos, and more
Support TV
Video channel for step-by-step instructions to use our products, best practices, troubleshooting tips, and much more
Documentation
Information library of the latest product documents
Velocity (Best Practices)
Best practices and use cases from the Implementation team
Learn
Rich resources to help you leverage full capabilities of our products
Trainings
Role-based training programs for the best ROI
Certifications
Get certified on Informatica products. Free, Foundation, or Professional
Product Learning Paths
Free and unlimited modules based on your expertise level and journey
Resources
Library of content to help you leverage the best of Informatica products
Tech Tuesdays Webinars
Most popular webinars on product architecture, best practices, and more
Product Availability Matrix
Product Availability Matrix statements of Informatica products
SupportFlash
Monthly support newsletter
Support Documents
Informatica Support Guide and Statements, Quick Start Guides, and Cloud Product Description Schedule
Product Lifecycle
End of Life statements of Informatica products
Ideas
Events
Change Request Tracking
Marketplace
English
  • Data Integration Connectors
  • All Products

Table of Contents

Search

  1. Preface
  2. Introduction to REST V2 Connector
  3. Connections for REST V2
  4. REST V2 operations
  5. Mappings and mapping tasks with REST V2 Connector
  6. Swagger File Generation
  7. Appendix A: Swagger objects
  8. OpenAPI objects

REST V2 Connector

REST V2 Connector

Back Next

JWT bearer token authentication

JWT bearer token authentication

JWT bearer token authentication requires at a minimum the JWT header, JWT payload, and authorization server URL.
The following table describes the basic connection properties for JWT bearer token authentication:
Property
Description
JWT Header
JWT header in JSON format.
Sample:
{
"alg":"RS256",
"kid":"xxyyzz"
}
You can configure
HS256
 and
RS256
 algorithms.
JWT Payload
JWT payload in JSON format.
Sample:
{
"iss":"abc",
"sub":"678",
"aud":"https://api.box.com/oauth2/token",
"box_sub_type":"enterprise",
"exp":"120"
,
"jti":"3ee9364e"
}
The expiry time represented as
exp
 is the relative time in seconds. The expiry time is calculated in the UTC format from the token issuer time (
iat
).
When
iat
 is defined in the payload and the expiry time is reached, mappings and Generate Access Token fails. To generate a new access token, you must provide a valid
iat
 in the payload.
If
iat
 is not defined in the payload, the expiry time is calculated from the current timestamp.
To pass the expiry time as a string value, enclose the value with double quotes. For example:
"exp":"120"
To pass the expiry time as an integer value, do not enclose the value with double quotes.
For example,
"exp":"120"
Authorization Server
Access token URL configured in your application.
KeyStore File Path
The absolute path of the keystore file that contains the keys and certificates required to establish a two-way secure communication with the REST API. Specify a directory path that is available on each Secure Agent machine.
You can also configure the keystore file name and path as a JVM option or import the certificate to any directory.
For the serverless runtime environment, specify the keystore file path in the serverless agent directory.
For example,
/home/cldagnt/SystemAgent/serverless/configurations/ssl_store/<cert_name>.jks
KeyStore Password
The password for the keystore file required for a secure communication.
You can also configure the keystore password as a JVM option.
Private Key Alias
Alias name of the private key used to sign the JWT payload.
Private Key Password
The password for the keystore file required for a secure communication. The private key password must be same as the keystore password.
Access Token
The access token value.
Enter the access token value or click
Generate Access Token
 to populate the access token value.
To pass the generate access token call through a proxy server, you must configure an unauthenticated proxy server in the Secure Agent properties. The proxy configured in the connection configuration does not apply to the generate access token call.
Swagger File Path
The path of the Swagger file or OpenAPI file.
You can specify one of the following file paths:
  • Path and file name of the Swagger or OpenAPI file on the Secure Agent machine.
  • The URL on which the Swagger or OpenAPI file is hosted. The hosted URL must return the content of the file without prompting for further authentication and redirection.
For example, the path of the swagger file can be:
C:\swagger\sampleSwagger.json
The user must have the read permission for the folder and the file.

Advanced settings

The following table describes the advanced connection properties for JWT bearer token authentication:
Property
Description
Authorization Advanced Properties
Additional parameters to use with the access token URL. Parameters must be defined in the JSON format.
For example,
[\{"Name":"client_id","Value":"abc"},\{"Name":"client_secret","Value":"abc"}]
TrustStore File Path
The absolute path of the truststore file that contains the TLS certificate to establish a one-way or two-way secure connection with the REST API. Specify a directory path that is available on each Secure Agent machine.
You can also configure the truststore file name and password as a JVM option or import the certificate to the following directory:
<Secure Agent installation directory\jre\lib\security\cacerts
.
For the serverless runtime environment, specify the truststore file path in the serverless agent directory.
For example,
/home/cldagnt/SystemAgent/serverless/configurations/ssl_store/<cert_name>.jks
TrustStore Password
The password for the truststore file that contains the SSL certificate.
You can also configure the truststore password as a JVM option.
Proxy Type
Type of proxy.
Select one of the following options:
  • No Proxy. Bypasses the proxy server configured in the agent or the connection properties.
  • Platform Proxy. Considers the proxy configured in the agent.
  • Custom Proxy. Considers the proxy configured in the connection properties.
Proxy Configuration
The format required to configure proxy.
You can configure proxy using the following format:
<host>:<port>
You cannot configure an authenticated proxy server.
Advanced Fields
Enter the arguments that the agent uses when connecting to a REST endpoint.
When you specify multiple arguments, separate each argument by a semicolon.
For example,
connectiondelaytime:10000;retryattempts:5
You can specify the following arguments:
  • ConnectionTimeout
    . The wait time in milliseconds to get a response from a REST endpoint. The connection ends after the connection timeout is over.
    Default is the timeout defined in the endpoint API.
    If you define both the REST V2 connection timeout and the endpoint API timeout, the connection ends at the shortest defined timeout.
  • connectiondelaytime
    . The delay time in milliseconds to send a request to a REST endpoint.
    Default is 10000.
  • retryattempts
    . Number of times the connection is attempted when 400 and 500 series error codes are returned in the response.
    Default is 3. Specify 0 to disable the retry attempts.
  • qualifiedSchema
    . Determines if the schema selected is qualified or unqualified.
    Default is false.
0 COMMENTS
We’d like to hear from you!