The users detected that Encode / Decode JWT assertions are not implementing RFC 7797 for un-encoded payload option, which is required as per Open Banking specification.
The customer needs support to the new RFC 7797 updating the JWS signature definitions.
Is this RFC 7797 supported in any minor version of the API Gatewat 9.4?
If not, will it be supported in any future version ?
Release : 9.4
Component : API GTW ENTERPRISE MANAGER
This feature is not supported in a minor version. It is targeted for a next release of Gateway which is due out sometimes in the earlier part of this year.
The actual fix removes all the spaces and next line characters before feeding the payload and headers to the signing/validation algorithm.
We also concluded that gateway supports RFC 7797 which was the original doubt from the customer.
And the critical headers fix will be available as a part of Gateway Post release 9.4. After the fix, Gateway will support critical headers as well.