Implementation checklist for external users
To configure the system APIs for authentication for external users, you may need to do the following tasks:
| Task | More Information |
|---|---|
| Enable asymmetric encryption | Enabling bearer token authentication |
| Provide deployment information | Enabling bearer token authentication |
| Configure the IdP to store user information | Enabling bearer token authentication |
| Register the caller application with Guidewire Hub | Enabling bearer token authentication |
| Create or modify API roles | Endpoint access |
Review the resource access provided by the pc_accountNumbers
resource strategy |
Resource access |
| Configure the proxy user | Proxy user access |
| Configure the IExpandTokenPlugin plugin to retrieve additional authorization values, if needed | Configuring the IExpandTokenPlugin plugin |
To make a system API call for external users, the caller application must:
- Request a code from Guidewire Hub
- Use the code to request a JWT from Guidewire Hub
- Include the JWT with the system API call
For more information, see Sending authenticated calls for external users.