Lab 1.1 - Create a JWT Provider
==================================

The cornerstone of the API protection profile is the ability to authorize users using JWT. Unlike Guided Configuration that creates the JWT Provider for you based on a few defined parameters, you must create the provider manually.

Task 1 - Create a key configuration
--------------------------------------

.. note :: Ensure you are logged into BIGIP1

1. From the web browser, click on the **Access** tab located on the left side.

|image0|

2. Navigate to Federation >> JSON Web Token >> Key Configuration. Click the  **+ (Plus Symbol)**

|image1|

3. Configure the following parameters:

- Name: **api-jwt-key**
- ID: **lab**
- Octet: **Octet**
- Signing Algorithm: **HS256**
- Shared Secret: **secret**

4. Click **Save**

|image2|


Task 2 - Create an Authorization Provider
-------------------------------------------

1. Navigate to Federation >> OAuth Client/Resource Server >> Provider. Click the **+ (Plus Symbol)**

|image3|

2. Configure the following parameters:

- Name: **api-as-provider**
- Trusted Certificate Authorities: **ca.acme.com.crt**
- OpenID URL: replace f5-oauth.local with **prebuilt-as.acme.com**

3. Click Discover

|image4|

4. The Authentication URI, Token URI, Token Validation Scope URI, and UserInfo URI should be updated

|image5|

5. Click **Save**


Task 3 - Customize the Token Configuration
---------------------------------------------

1. Navigate to Federation >> JSON Web Token >> Token Configuration. Click **Token Configuration**, not the + (Plus Symbol)

|image6|

2. Click on **auto_jwt_api-as-provider**

|image7|

3. Move **api-jwk-key** from Available to Allowed

4. Click **Save**

|image8|


Task 4 - Create a JWT Provider
--------------------------------

1. Navigate to Federation >> JSON Web Token >> Provider List. Click the **+ (Plus Symbol)**

|image9|

2. Enter the name: **as-jwt-provider**

3. Click **Add** so api-as-provider is added to list of providers

4. Click **Save**

|image10|

.. |image0| image:: /_static/class1/module1/image000.png
	:width: 800px
.. |image1| image:: /_static/class1/module1/image001.png
	
.. |image2| image:: /_static/class1/module1/image002.png
.. |image3| image:: /_static/class1/module1/image003.png
.. |image4| image:: /_static/class1/module1/image004.png
.. |image5| image:: /_static/class1/module1/image005.png
	:width: 800px
.. |image6| image:: /_static/class1/module1/image006.png
	:width: 800px	
.. |image7| image:: /_static/class1/module1/image007.png

.. |image8| image:: /_static/class1/module1/image008.png
.. |image9| image:: /_static/class1/module1/image009.png
.. |image10| image:: /_static/class1/module1/image010.png