WORKLOAD AUTOMATION COMMUNITY
  • Home
  • Blogs
  • Forum
  • Resources
  • Events
    • IWA 9.5 Roadshows
  • About
  • Contact
  • What's new

What's new in the Workload Automation portfolio.

We're always working on building new features and improving existing ones.
Here's where you can learn about all of our changes.

Enhancing agent authentication using JSON Web Tokens

12/12/2022

 
10.1.0.1
DWC
Engine
On Premise

 â€‹Use JSON Web Tokens to enhance your agent authentication standard.

A JSON Web Token (JWT) is a standardized, self-contained access token which makes it possible for two parties to securely exchange data. Authentication information, expiry time information, and other user-defined claims are digitally signed, so that no database queries are required and the session does not need to be stored on a server.

JWT is especially suited for authentication purposes. Its short messages can be encrypted and securely convey who the sender is and whether they have the necessary access rights. It is also very useful in REST applications, because it ensures stateless protocols, since the information for the authentication is sent with the request.

JWT ensures mutual authentication between master domain manager and dynamic agents. Using JWT is easier and more immediate than downloading and maintaining certificates and, in a containerized environment, you no longer need to configure the ingress controller for SSL passthrough. For more information about JWT on containers, see the Ingress controller section in Workload Automation Server topic in the Documentation.

For more information about configuring security and authentication, see Connection security overview topic in the Documentation.

To download the JWT on your dynamic agents at installation time, use the jwt parameter as explained in Agent installation parameters - twsinst script. You can also download the JWT at a later time as explained in Certificates download to dynamic agents - AgentCertificateDownloader script.

You can find some installation examples in Example installation commands

You can also revoke a JWT simply by deleting the workstation definition where the JWT is installed. For more information about deleting a scheduling object from the command line and Dynamic Workload Console, see Revoking and reissuing a JSON Web Token topic in the Documentation.

Ensure there are no misalignments in date and time in your network nor significant network delays because this might prevent JWT from working.

    Categories

    All
    10.1.0
    10.1.0.1
    9.5.0
    9.5.0.1
    9.5.0.2
    9.5.0.3
    9.5.0.4
    9.5.0.5
    API Keys
    Dwc
    Engine
    JWT
    Mainframe
    OCLI
    On-cloud
    On-cloud
    On Premise
    On-premise
    Orchestration CLI
    REST API
    SAAS
    Self-Service Catalog
    SSC

www.hcltechsw.com
About HCL Software 
HCL Software is a division of HCL Technologies (HCL) that operates its primary software business. It develops, markets, sells, and supports over 20 product families in the areas of DevSecOps, Automation, Digital Solutions, Data Management, Marketing and Commerce, and Mainframes. HCL Software has offices and labs around the world to serve thousands of customers. Its mission is to drive ultimate customer success with their IT investments through relentless innovation of its products. For more information, To know more  please visit www.hcltechsw.com.  Copyright © 2019 HCL Technologies Limited
  • Home
  • Blogs
  • Forum
  • Resources
  • Events
    • IWA 9.5 Roadshows
  • About
  • Contact
  • What's new