apiman-plugins icon indicating copy to clipboard operation
apiman-plugins copied to clipboard

Published 20 hours ago verified publisher icon apiman

[JWT Policy] Retrieve kID from JWT Token

Open OSMOSA44 opened this issue 4 years ago • 2 comments

Bonjour,

As the kID can change, it would be preferable to get this parameter from the JWT Token hitself

What do you think about that ?

Thanks,

Regards,

OSMOSA44 avatar Aug 19 '21 09:08 OSMOSA44

Have a look at the Keycloak OAuth2 policy. Although it's primarily targeted at compatibility with Keycloak, their approach is very standards-based, so it usually works with all JWT providers.

If you need something more custom then feel free to contact me (look at my GH profile).

msavy avatar Aug 19 '21 09:08 msavy

https://github.com/apiman/apiman-plugins/pull/123 should implement this.

destotelhorus avatar Nov 02 '22 15:11 destotelhorus