emqx-auth-jwt icon indicating copy to clipboard operation
emqx-auth-jwt copied to clipboard

Published 20 hours ago verified publisher icon emqx

Questions: Can this jwt plugin support multiple public keys?

Open yixingjia opened this issue 6 years ago • 4 comments

Use scenario:

User have tens of thousand of device that will connected to the cloud through MQTT protocol. Each device will has it's unique key pare for authentication, The client will use the private key for create the JWT token.

Question: Then how can we configure the public keys for all of those devices?

yixingjia avatar Aug 06 '18 14:08 yixingjia

@HJianBo @emqplus @turtleDeng

Hi Guys, Any suggestion for this questions?

yixingjia avatar Aug 07 '18 02:08 yixingjia

JWT plugin doesn't support this for now.

terry-xiaoyu avatar Sep 17 '18 10:09 terry-xiaoyu

Why not have a server generate a jwt token for each device with a single public key. That is how JWT is used everywhere else.

svrooij avatar Dec 23 '18 20:12 svrooij

AWS Cognito and Auth0 both provide two public keys in their well-known JWK keysets. Would be useful to be able to index and use the appropriate public key based on the token's kid claim.

joescharf avatar Jul 28 '20 21:07 joescharf