Get a JSON Web Token (JWT)
This tutorial shows how to get a JSON Web Token (JWT), which can be used to access secured endpoints created in the tutorials Expose and secure a workload with Istio and Expose and secure a workload with JWT.
Prerequisites
You are using an OpenID Connect-compliant (OIDC-compliant) identity provider.
Get a JWT
In your OIDC-compliant identity provider, create an application to get your client credentials such as Client ID and Client Secret.
Export your client credentials as environment variables. Run:
Click to copyexport CLIENT_ID={YOUR_CLIENT_ID}export CLIENT_SECRET={YOUR_CLIENT_SECRET}Encode your client credentials and export them as an environment variable:
Click to copyexport ENCODED_CREDENTIALS=$(echo -n "$CLIENT_ID:$CLIENT_SECRET" | base64)In your browser, go to
https://YOUR_OIDC_COMPLIANT_IDENTITY_PROVIDER_INSTANCE/.well-known/openid-configuration
, save the values of the token_endpoint, jwks_uri and issuer parameters, and export them as environment variables:Click to copyexport TOKEN_ENDPOINT={YOUR_TOKEN_ENDPOINT}export JWKS_URI={YOUR_JWKS_URI}export ISSUER={YOUR_ISSUER}Get the JWT:
Click to copycurl -X POST "$TOKEN_ENDPOINT" -d "grant_type=client_credentials" -d "client_id=$CLIENT_ID" -H "Content-Type: application/x-www-form-urlencoded" -H "Authorization: Basic $ENCODED_CREDENTIALS"Save the JWT and export it as an environment variable:
Click to copyexport ACCESS_TOKEN={YOUR_ACCESSS_TOKEN}
Result
You have created your access token.
Next steps
You can use your access token in the following tutorials: