Versions Compared

Old Version 3

changes.mady.by.user Bart Sopers

Saved on

compared with

New Version Current

changes.mady.by.user Robin Collard

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
languagetext
# Global configuration
blueriq.security.login-type = jwt

# Auth-provider type declaration
blueriq.security.auth-providers.jwt.type = jwt

# JWT decoder, below is an OpenId Connect with keycloak example 
spring.security.oauth2.resourceserver.jwt.jwk-set-uri: = https://<KEYCLOACK>:<port>/realms/<YOUR_REALM>/protocol/openid-connect/certs

# Add the JWT authentication provider to the chain
blueriq.security.auth-providers-chain = jwt

...

When using the Oauth JWT Authentication Provider the Development Dashboard will redirect unauthenticated users (when authentication is required) to the Blueriq Gateway Service as its source of authorization. More information regarding the Development Dashboard flow can be found here.

Audit logging

The audit log is built to log login requests from the Runtime. When the JWT login type is used, the user never requests to login at the Runtime, but another component outside the Blueriq Platform facilitates this. Therefore, login attempts cannot be not audit logged. Please make sure the login provider (for example Keycloak) is set to log authentication requests for audit purposes.