Steeltoe icon indicating copy to clipboard operation
Steeltoe copied to clipboard
verified publisher icon SteeltoeOSS

How to use jwt authentication without username and password

Open yhjhoo opened this issue 6 years ago • 3 comments

In the example of jwt authentication, it configures both client Id and client secret which I don't want.

Is there some similiar configuration like "security.oauth2.resource.jwt.key-uri" in spring-boot?

yhjhoo avatar Jul 01 '19 07:07 yhjhoo

No, we don't have that option available in Steeltoe.

We do build Microsofts JWT provider, so it is possible they have another way to handle this.

jkonicki avatar Dec 02 '19 16:12 jkonicki

that's very bad news. Good to hear MS provide this thing. tks for the help

yhjhoo avatar Dec 03 '19 01:12 yhjhoo

Hi @yhjhoo, It was not my original intention to close this ticket. So, I am going to reopen this as hopefully you or someone in the community would like to contribute something that would satisfy this request. This is currently not a team priority, but we are willing to assist in helping with a solution.

jkonicki avatar Dec 04 '19 17:12 jkonicki

This should be a function of the ASP.NET Core JWT auth library, I do not see anything for Steeltoe to do here

TimHess avatar May 13 '24 19:05 TimHess