Layer 7 Access Management

CA SSO Federation with JWT Token 

10-10-2017 04:11 AM

CA SSO Federation with JWT Token (CA SSO as Idp)

(only with CA SSO 12.7)


When I’m writing this document, SWAT team and development are setting up a federation configuration in which the CA SSO environment is acting as Service Provider. If you need more details, please check it in the CA internal Validate site or contact your CA representative.

This document instead explains how to implement a federation use case using JWT where CA SSO is acting as an Identity Provider or, in OpenId terminology, OP (OpenId Provider).


Important note: this configuration does not requires any custom code, but use the standard Out-Of-The-Box features of CA SSO 12.7.

0 Favorited
1 Files
docx file
CA SSO Federation with JWT Token.docx   777K   1 version
Uploaded - 05-29-2019

Tags and Keywords


10-11-2017 07:24 PM

Hi Francesco


I was interested since was trying to setup a Client side SSO Federation partnership with an SSO IDC Provider.  it is an internal community post "SSO Client Federation Partnership to SSO OpenIDC Provider"  currently in experts forum, waiting for a bug fix - a search for that will find it.  (The bug is about UserInfo call not compatible from an SSO client sending request to an SSO IDC Provider) Once we have the bugfix, I will post that article on SSO public forum.


But also these links might be relevant too: 

Jack's article : CA SSO OpenID Connect Provider - Agentless SSO 

One I did : CA SSO OpenID Connect Provider - with Apache OpenID Client 


Cheers - Mark

Mark O'Donohue
Snr Principal Support Engineer - Global Customer Success

Related Entries and Links

No Related Resource entered.