I am looking to implement policy evaluation for transactional authorization using IG policyEnforcement filter. However, we have a requirement to use jwtSubject instead of ssoTokenSubject. wondering if anyone had done this before.
Firstly, I’m always happy to hear when a customer decides to use the policy framework for fine grained authorizations, which may or may not include Advices or Transaction Authorization. Now if we could only get more customers to use the OAuth2 Claims implementation… as opposed to providing a claims script in the OAuth2 Provider… Another challenge for another day.
Within the policy itself, there is a provision for the Subject criteria to reference an OIDC/Jwt Claim. Have you tried that? What was your outcome please?