Hi! Ory team, I have a question about the end-to-end test of JWT token Here is our use case: • Frontend login user and get the JWT token • Frontend sends the request to API with token • API introspects the token to validate the request My question is, how can we do the e2e test purely on the side of the backend. Let’s say the test flow may be: • Some scripts that generate the mock JWT token (Does Ory provide a way to generate these test tokens without going through the Authorization code flow in the frontend side?) • API introspects the token to validate the request

You can probably use Ory Oathkeeper for that, but there is no fits-all solution/guide as of now. Have a look at the examples here and feel free to open an issue with more details if there is something missing: https://github.com/ory/examples/tree/master/oathkeeper

@magnificent-energy-493 Thanks for the reply. Does this mean no method exposed by Ory network API can facilitate this use case? And we need to setup a local Ory stack for test?

@high-ram-25481 The thing that is missing is the JWT for authentication. Ory uses a - we believe - better approach: https://www.ory.sh/docs/security-model. As it says further below: Ory Zero Trust Identity and Access Proxy (Ory Oathkeeper) can “convert” Ory Sessions to JSON Web Tokens. Using Ory Oathkeeper is recommended when developing sophisticated applications with control over network traffic (think Kubernetes, OpenShift). The Ory Zero Trust Identity and Access Proxy (Ory Oathkeeper) always has to be deployed on your local infra, the rest of Ory services you can also use in the managed Ory Network service.

Ory Zero Trust Identity and Access Proxy (Ory Oathkeeper) can “convert” Ory Sessions to JSON Web Tokens.

hello @magnificent-energy-493, we have tried this and it worked, the only problem is that the Ory proxy is using

ES256

algorithm, is it possible to change it to

RS256

?

Hey @brash-football-81924 Would you be willing to open a feature request for this on github.com/ory/network? Or reach out to your account manager for Ory Network! That would help us triage it, thanks!