Jess Moorhouse
Any advance on this? At the moment it's our main concern with using this module, as we'd rather point to our Keycloak instead of managing keys ourselves.
~So an example would be Keycloak, which exposes the URL http://[keycloak-instance]/realms/[realm]/protocol/openid-connect/certs which is unauthenticated and returns a JWK file as a JSON object https://datatracker.ietf.org/doc/html/rfc7517~
Oops, wrong endpoint; it would be this one: https://[keycloak-domain]/realms/[realm]/.well-known/openid-configuration
`/.well-known/openid-configuration` is standard across other IdPs as well I believe - and the public key. From there the actual JWKS is in the object that is returned under `.jwks_uri` -...
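
The lookup described in the comment above (discovery document, then `.jwks_uri`, then the key set), as an added example that is not part of the original post or of the module under discussion. The issuer URL, key ids and key material are constructed, `offline_fetch` is a hypothetical stand-in for an HTTPS client, and the same-host check is an assumed local policy.

```python
import json
from urllib.parse import urlsplit

# Constructed sample responses (not real Keycloak output), keyed by URL.
ISSUER = "https://idp.example.test/realms/demo"
SAMPLE = {
    ISSUER + "/.well-known/openid-configuration": json.dumps({
        "issuer": ISSUER,
        "jwks_uri": ISSUER + "/protocol/openid-connect/certs",
    }),
    ISSUER + "/protocol/openid-connect/certs": json.dumps({"keys": [
        {"kid": "enc-1", "kty": "RSA", "use": "enc", "n": "AQAB", "e": "AQAB"},
        {"kid": "sig-1", "kty": "RSA", "use": "sig", "alg": "RS256",
         "n": "AQAB", "e": "AQAB"},
    ]}),
}

def offline_fetch(url):
    """Stand-in for an HTTPS GET; swap in a real client with TLS verification."""
    return SAMPLE[url]

def resolve_jwks_uri(issuer, fetch):
    """Read the discovery document for `issuer` and return its validated jwks_uri."""
    doc = json.loads(fetch(issuer.rstrip("/") + "/.well-known/openid-configuration"))
    # The document must describe the issuer we asked about, not some other one.
    if doc.get("issuer") != issuer:
        raise ValueError("issuer mismatch in discovery document")
    uri = urlsplit(doc.get("jwks_uri", ""))
    if uri.scheme != "https":
        raise ValueError("jwks_uri must use https")
    # Local policy (assumption): keys must be served from the issuer's own host.
    if uri.hostname != urlsplit(issuer).hostname:
        raise ValueError("jwks_uri host differs from issuer host")
    return doc["jwks_uri"]

def find_signing_key(issuer, kid, fetch):
    """Return the JWK with this kid that is allowed to verify signatures."""
    jwks = json.loads(fetch(resolve_jwks_uri(issuer, fetch)))
    for key in jwks.get("keys", []):
        # Keys marked use=enc must never be accepted for signature checks.
        if key.get("kid") == kid and key.get("use", "sig") == "sig":
            return key
    raise KeyError(f"no signing key with kid {kid!r}")
```

Pinning only the issuer URL in configuration and resolving keys this way lets the IdP rotate keys without a config change, while the issuer and `jwks_uri` checks keep a tampered discovery response from redirecting key retrieval elsewhere.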