How to configure Outbound Rest Message with oAuth 2.0 JWT Bearer grant flow?Description<!-- div.margin{ padding: 10px 40px 40px 30px; } table.tocTable{ border: 1px solid; border-color:#E0E0E0; background-color: rgb(245, 245, 245); padding-top: .6em; padding-bottom: .6em; padding-left: .9em; padding-right: .6em; } table.noteTable{ border:1px solid; border-color:#E0E0E0; background-color: rgb(245, 245, 245); width: 100%; border-spacing:2; } table.internaltable { white-space:nowrap; text-align:left; border-width: 1px; border-collapse: collapse; font-size:14px; width: 85%; } table.internaltable th { border-width: 1px; padding: 5px; border-style: solid; border-color: rgb(245, 245, 245); background-color: rgb(245, 245, 245); } table.internaltable td { border-width: 1px; padding: 5px; border-style: solid; border-color: #E0E0E0; color: #000000; } .title { color: #D1232B; font-weight:normal; font-size:28px; } h1{ color: #D1232B; font-weight:normal; font-size:21px; margin-bottom:-5px } h2{ color: #646464; font-weight:bold; font-size:18px; } h3{ color: #000000; font-weight:BOLD; font-size:16px; text-decoration:underline; } h4{ color: #646464; font-weight:BOLD; font-size:15px; text-decoration:; } h5{ color: #000000; font-weight:BOLD; font-size:13px; text-decoration:; } h6{ color: #000000; font-weight:BOLD; font-size:14px; text-decoration:; } ul{ list-style: disc outside none; margin-left: 0; } li { padding-left: 1em; } --> Description This article focusses on configuring oAuth 2.0 JWT bearer grant flow for outbound rest message. Procedure 1.KB0718030 has the steps to configure oAuth Profile for JWT Grant Type. 2.Once the profile is completed, Goto System Webservices >> Outbound >> Rest Message. 3.Open Rest Message. 4.Select JWT oAuth Profile from Authentication >> oAuth Profile field. 5.Save 6.Click Get oAuth Token to generate JWT token from oAuth Provider.Once the token is generated, token details are shown at the info message section. 7.Goto System oAuth >> Manage Token to see the JWT Token details.Filter the token by oAuth Profile. 8.Use the below scripting to test outbound rest message via Scripting. jwtDemo();function jwtDemo(){ try { var r = new sn_ws.RESTMessageV2('Box JWT Demo', 'Default GET'); //override authentication profile //r.authentication type = 'oauth2';//r.setAuthenticationProfile(authentication type, "JWT_Demo default_profile"); //set a MID server name if one wants to run the message on MID//r.setMIDServer('MY_MID_SERVER'); //if the message is configured to communicate through ECC queue, either//by setting a MID server or calling executeAsync, one needs to set skip_sensor//to true. Otherwise, one may get an intermittent error that the response body is null//r.setEccParameter('skip_sensor', true); var response = r.execute();gs.info("response is"+response);var responseBody = response.getBody();gs.info("response body is"+responseBody);var httpStatus = response.getStatusCode();gs.info("httpStatus is"+httpStatus);}catch(ex) {var message = ex.message;gs.info("Message is"+message);} } Output: Ignore oauth entity from request. Use provider from oauth entity profile.Getting JWTProvider for jwtProviderSysId = e4967691dbf92300980c90b6db96190dAuth Cache hit, getting jwtProvider from cache.Getting JWTProviderConfig for jwtProviderId = e4967691dbf92300980c90b6db96190dAuth Cache hit. Getting JWTProviderConfiguration from cacheStarted to generate JWTAuthAdding payload claims to jwt with name = box_sub_type and value = enterpriseAuthAdding payload claims to jwt with name = aud and value = https://api.box.com/oauth2/tokenAuthAdding payload claims to jwt with name = sub and value = 120961449AuthAdding payload claims to jwt with name = iss and value = o9xqbay28g97deumamwz2s0tvtsfrusbAuthAdding claims to jwt. Header Claims = [], keyId = , issuedAt = Thu Nov 15 15:15:52 PST 2018, expiresAt = Thu Nov 15 15:16:52 PST 2018, issuer = o9xqbay28g97deumamwz2s0tvtsfrusb, notBefore = null, signingAlgorithms=RS256, jwtId=e5a988d8-23da-465f-b34c-bbecff42257cSuccessfully generated JWTOAUTH - OAuthHTTPRequest : Sending http request, url:https://api.box.com/oauth2/tokenOAUTH - OAuthHTTPRequest : Sending http request, body:grant_type=urn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Ajwt-bearer&assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJhdWQiOiJodHRwczovL2FwaS5ib3guY29tL29hdXRoMi90b2tlbiIsInN1YiI6IjEyMDk2MTQ0OSIsImJveF9zdWJfdHlwZSI6ImVudGVycHJpc2UiLCJpc3MiOiJvOXhxYmF5MjhnOTdkZXVtYW13ejJzMHR2dHNmcnVzYiIsImV4cCI6MTU0MjMyMzgxMiwiaWF0IjoxNTQyMzIzNzUyLCJqdGkiOiJlNWE5ODhkOC0yM2RhLTQ2NWYtYjM0Yy1iYmVjZmY0MjI1N2MifQ.O1f7vpKPKgGJWfOn_hXIu18d5AVv8wjqaxvEGlVQaNBWTQ3H4AKJ1XcE1VFrpeCXpxb0uZ2wb_O4JctZeX-qP7aH9R9QovT9tMpxEQCpmDNX5XAs3iw_X5yfT_eYszMBcrS2ZpXbEj82lVLgGixV7tRWhq0tLgIoIUAPcnbAsu2L6ec5wsCyqAv4l4XwqicYjk8Pl94WbcfmFF3Cg2eWhELB2EFG5_V48NOsvTHWBTkwp-aLS-YIH17w5uPAKht7BjtW0CBsbrCxjgVoc_VGpLqHNyl0BXMHI9wBDSCffA2sWamGTDxqferagdYXt_8jfkahqslKhmCAbCUonfnBSw&client_secret=DRcW5sBRcuy4jDqryIoPB5BhCw7h1QzL&client_id=o9xqbay28g97deumamwz2s0tvtsfrusbSecurityUtils: Obfuscating Key : access_token and all its children!OAUTH - OAuthHTTPRequest : Received http response: {"access_token":"********","token_type":"bearer","expires_in":4245,"restricted_to":[]}StorageEncrypter: ignoring already encrypted text starting with: aIm:S...*** Script: response is[object RESTResponseV2]*** Script: response body is{"type":"folder","id":"0","sequence_id":null,"etag":null,"name":"All Files","created_at":null,"modified_at":null,"description":"","size":0,"path_collection":{"total_count":0,"entries":[]},"created_by":{"type":"user","id":"","name":"","login":""},"modified_by":{"type":"user","id":"6441126643","name":"empiali1(jwt_demo)","login":"AutomationUser_697501_AXOowVN7fY@boxdevedition.com"},"trashed_at":null,"purged_at":null,"content_created_at":null,"content_modified_at":null,"owned_by":{"type":"user","id":"6441126643","name":"empiali1(jwt_demo)","login":"AutomationUser_697501_AXOowVN7fY@boxdevedition.com"},"shared_link":null,"folder_upload_email":null,"parent":null,"item_status":"active","item_collection":{"total_count":0,"entries":[],"offset":0,"limit":100,"order":[{"by":"type","direction":"ASC"},{"by":"name","direction":"ASC"}]}}*** Script: httpStatus is200 Applicable Versions Madrid