fusionauth-issues icon indicating copy to clipboard operation
fusionauth-issues copied to clipboard
verified publisher icon FusionAuth

Feature: Support JWT Profile for Client Authentication

Open robotdan opened this issue 5 years ago • 4 comments

Support JWT Profile for Client Authentication

Problem

RFC 7523 describes the JWT Profile for Client Authentication in order to provide an additional mechanism to authenticate a client. FusionAuth does not currently support this profile for client authentication.

Solution

Add support for this authentication scheme.

Alternatives/workarounds

A clear and concise description of any alternative solutions or workarounds you've considered.

Additional context

  • https://tools.ietf.org/html/rfc7521
  • https://tools.ietf.org/html/rfc7523#section-2.1
  • https://tools.ietf.org/html/rfc7523#section-2.2
  • https://datatracker.ietf.org/doc/draft-ietf-oauth-rfc7523bis/

We could look at adding both the JWT Client Authentication Profile as well as the Bearer JWT grant.

This came up in a sales conversation. Internal: https://inversoft.slack.com/archives/C068UM25PNJ/p1731586209203619

How to vote

Please give us a thumbs up or thumbs down as a reaction to help us prioritize this feature. Feel free to comment if you have a particular need or comment on how this feature should work.

robotdan avatar Jan 07 '20 19:01 robotdan