Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update JWT Policy documentation #752

Open
tech-Nico opened this issue Apr 11, 2022 · 0 comments
Open

Update JWT Policy documentation #752

tech-Nico opened this issue Apr 11, 2022 · 0 comments

Comments

@tech-Nico
Copy link
Contributor

The JWT Policy documentation needs to be updated.
Specifically, the documentation mentions that:

The policy prompts you to choose between three (GIVEN_KEY, GIVEN_ISSUER, GATEWAY_ISSUER) methods to retrieve the required public key.

This is actually not correct. The policy (as of 3.17.1) actually supports the following methods to retrieve the public key:

  • GIVEN_KEY: You must provide a signature key as a resolver parameter according to the signature algorithm
  • GATEWAY_KEYS: Look for signature key from API Gateway configuration according to issuer and kid from incoming JWT
  • JWKS_URL: Retrieve JWKS from URL (Basically, URL ending with '/.well-known/jwks.json')
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@tech-Nico