• Airlock Secure Access Hub
  • About this document
  • About Airlock IAM
  • IAM 8.4 release notes
  • Security best practices
  • Installation and upgrade
  • Operation
  • Initial configuration
  • Configuration management
  • Authentication
  • Self-services
  • Target applications
    • Target application selection
    • Access control (end-users)
    • Securing REST / service APIs
      • Flow auth. API with Gateway sessions
      • Flow authn. API with JWTs and one-shot
        • Request flow
        • Configuration with JWT
      • Authenticate apps with Device Tokens
      • OAuth 2 for native apps
    • Identity propagation
    • Terms and conditions
    • PSD2 support
  • OAuth and OIDC
  • SAML
  • API access control
  • Flows (Airlock IAM concept)
  • Loginapp Configuration
  • Adminapp Configuration
  • Service Container Configuration
  • Transaction Approval Configuration
  • IAM REST APIs
  • Customizing UIs and texts
  • Third-party licenses
  1. Target applications
  2. Securing REST / service APIs
  3. Flow authn. API with JWTs and one-shot

Using the flow authentication API with JWTs and one-shot authentication

 
Info

Use this variant if the REST client (e.g. mobile app) needs a bearer token that can also be used with 3rd party systems that are not connected to IAM.

Chapter content

Request flow
Configuration using JWT bearer tokens