I am trying to connect to an API and based on their requirement, JWToken is required to make a call and the JWToken must be signed using the provided consumer secret.
Now, they have a sample code in python that works well. I just want to know how to make it work with salesforce.
Here's the python code: (i've replaced the consumer id,secret,token and endpoints with random values.)
import jwt
import _datetime
import requests
app_consumer_id = "000"
app_consumer_secret = "000"
app_access_token = "0000"
base_url = "https://baseurl.com"
end_point = "/API/endpoint/version/client/"
httpMethod = "GET"
# obtain the uri for the endpoint I'm going to query for
uri = base_url + end_point
# set up the jwt token claims dictionary
claims = {
"iss": "http://mydomain.com.au",
"aud": "https://audience.com",
"nbf": _datetime.datetime.utcnow(),
"exp": _datetime.datetime.utcnow() + _datetime.timedelta(seconds=60),
"consumerId": app_consumer_id,
"accessToken": app_access_token,
"url": uri,
"httpMethod": httpMethod
}
# create the base64 encoded JWtoken string as byte code
encoded_jwt_byte = jwt.encode(claims, app_consumer_secret, algorithm='HS256')
# convert the byte code to a string
jwt_str = str(encoded_jwt_byte, 'utf-8')
# create signing headers
headers = {'Authorization': 'JwToken' + ' ' + jwt_str, 'content-type': 'application/json'}
# send the request and obtain the result
response = requests.get(uri, verify=True, headers=headers, timeout=45)
# print the returned json to my console
print(response.json())
Best Answer
It's pretty similar with Salesforce, but your sample code has the parameters incorrect for the platform. See OAuth 2.0 JWT Bearer Token Flow from the Salesforce documentation for more details. Rather than using the JWT for authorization on REST requests, you'll exchange it for an access token, which you'll then include with a
Bearer
authorization header (if you're constructing your REST requests manually).I use JWT in Python in one of my projects and have a Gist available showing how to use it with
simple_salesforce
. It's short, so I'll include the entirety here:Call
jwt_login()
with the consumer Id, username, JWT signing key, and a Boolean for sandbox or production and you'll get back asimple_salesforce.Salesforce
instance. If you aren't using that library and just want the access token, you couldreturn body['access_token']
instead and modify the error handling.N.b. as written this requires Python 3.6 for the time handling.