Related Documents
Document Properties
Last Modified01-Oct-2020
Added to KB01-Oct-2020
Public AccessEveryone
Doc TypeGuidelines, Concepts & Cookbooks
ProductICM 7.10

Guide - REST Requests with JWT

Product Version


Product To Version



1 Introduction

SSO will be introduced step by step. This release contains the SSO for REST.

2 Migration

The migration for existing systems does not need to execute dbmigrate. But the implementation for the PWA or other REST clients must be adapted. The following features should be adapted or at least tested:

  • Login
  • Authentication for all requests
  • Logout

Old token handling can be replaced by JSON-Web-Token for local ICM registration. This feature will consolidate the authentication process and enhance the security of the token handling by using strong encryption methods to build and validate the signature of the authentication token.

2.1 Documents

3 Availability of SSO 

This page contains a collection of version numbers related to supported SSO features.

Feature/ApplicationAllKeycloakAzure AD B2BAzure AD B2CAuth0
Enterprise Backoffice
Channel Backoffice
REST (Backoffices)
REST (SF implicit B2C)

REST (SF explicit B2C)(*



inSPIRED  (SF) login/logout7.10.24.0

inSPIRED  (SF) registration B2C(*

inSPIRED  (SF) registration B2B(*

)* in development

3.1 Internal Features

ICM VersionContent produces JWT token for own REST API

4 Next Items on Roadmap

PWAImplement and Integrate SSO flows with Auth0 
ICMIntegrate SSO authentication into REST API for Storefront Applications


The information provided in the Knowledge Base may not be applicable to all systems and situations. Intershop Communications will not be liable to any party for any direct or indirect damages resulting from the use of the Customer Support section of the Intershop Corporate Web site, including, without limitation, any lost profits, business interruption, loss of programs or other data on your information handling system.

Customer Support
Knowledge Base
Product Resources