The selection of a client and authorization server determines the keystore type. Configure PAS for OpenEdge to use the encryption keys used to lock the JWT token.

  1. Identify the keystore type.

    This example uses the most common keystore, JWK, or JSON Web Key. It represents a cryptographic key and requires a URL that points to a JWK set of public keys and/or Digital Certificates downloaded from the authorization server.

  2. Set the keystore type and any related properties.
    1. Edit the instance-dir/webapps/web-app-name/WEB-INF/oeablSecurity.properties file. In this example, the property jwtToken.keystore.type is jwk
    2. Set the related properties. If the type is jwk, then set the jwtToken.keystore.jwkurl to URI for the authorization server's JWK. 
      jwtToken.keystore.type=jwk
jwtToken.keystore.jwkurl=URI for the authorization server's JWK
      Note: Choosing a different type requires different property changes.
  3. Save the file.

For more information about JWT keystores, see Configure an OAuth2 keystore .

For more information about managing keys and certificates, see Manage OpenEdge Keys and Certificates .