-
We are looking for an ontology for an extension of the IETF Work on "Signing HTTP Messages" for Authentication. See the Solid Authentication Panel Issue [Ontology for the KeyId document](https://githu…
-
-
**Description:**
$subject
**Describe your problem(s)**
Right now, we have a BBE for service JWT auth with `certFile` as signature config. We should add an example on how to use `jwks endpoint` in…
-
### Problem Statement
Implement a feature that makes API calls to an AWS Cognito endpoint to retrieve the JSON Web Key Set (JWKS) required for JWT verification. The retrieved JWKS should be cached t…
-
### Description
Currently, responses to the endpoint `/auth/realms/REALM/protocol/openid-connect/certs`, are served with the following HTTP headers :
```http
Cache-Control: no-cache
Connection:…
-
To my understanding, when implementing OIDC, you need a JWKS endpoint. (A discovery endpoint would also be pretty helpful). Perhaps I'm missing something, but this example doesn't seem to provide a wa…
-
There seem to be several mechanisms for issuer key validation (section 3.5).
Two mechanisms define fetching of keys (issuer metadata, DID), and one can be embedded or referenced (x509).
Would it…
-
Our goal is to make the API hard to use incorrectly. For the `HmacSecretKey` class we would want to validate the properties on `importJsonWebKey` against imported JWK to reduce the risk of accidentall…
-
### Version
1.10.x (latest stable)
### Is your feature request related to a problem? Please describe.
As it is today, the JWKS server URL has to be explicitly defined in the VirtualService spec. We…
-
Hi,
I have an LTI 1.3 tool that I'm connecting to different LMSes for launching a webpage and then reporting grades back.
On the LMS side, you can usually set up either a JWKS URL or a public ke…