Last Modified: Apr 28, 2025
Affected Product(s):
BIG-IP APM
Fixed In:
17.0.0
Opened: Apr 18, 2019 Severity: 4-Minor
If the Client/Resource Server receives a JWE token it will be shown as an invalid token.
The APM Client/Resource server is unable to consume the JWE token.
1. BIG-IP APM deployed as OAuth Client/Resource Server. 2. Third party Authorization Servers such as Ping Federate is deployed. JWE enabled in JWT Key configuration 3. APM receives Access/ID tokens in JWE format from AS.
N/A
APM OAuth Client and Resource Server now supports consumption of JWE token (which is sent by third party AS).