Hi Keshava,
If you are using an external caching server, like redis or memcached, we have a tactical assertion that can be provided that will store to the cluster.
Otherwise, it sounds like you have created a custom grant type here, is that right?
If so, in that policy you could simply add the JWT (or extracted user id) to the token itself when it is generated. This would persist it along side the token.
Hope this helps.
Regards,
Joe
Original Message:
Sent: 11-20-2019 01:27 AM
From: Keshava Murthy Jayaram
Subject: Using OTK Session Store as Cache
Hi,
We have a use case where Gateway generates an OAuth token based on the incoming session token validation with a 3rd party system. The sessionToken is a JWT that will have a user id. When we generate the OAuth token, we want to be able to cache the User id alongside the Token so that the runtime calls can validate the token against the user invoking it.
The OOTB Gateway cache is specific to a node and therefore we wanted to use the OTK session store to achieve this as it persists to DB. Can you please let me know if there are any issues with this approach.