-
-
**Which version of Microsoft.IdentityModel are you using?**
Note that to get help, you need to run the latest version.
Latest dev / 6.31.0
**Where is the issue?**
* [ ] M.IM.JsonWebTokens
* …
-
It seems a relying party should retrieve signing keys from MAA service to verify JWT tokens. How to get the signing key?
-
### **Feature Request: Implement isJWTExpiration Method**
**Description:**
I would like to propose the addition of a new method called **isJWTExpiration** to the library. This method would serve t…
-
I'm working with an authentication system that has given me a x509 certificate for the public key and when I try to decode the token using this library, I get this error: "Invalid RSA public key encod…
-
Hi everyone. I am using api-platform with lexik jwt for tokens. I know that this bundle will generate a refresh token when using login_check. But how to use it with the custom endpoint (or api platfor…
-
During DCP F2F meeting, Trent (@Bento007 ) and I discussed the use of cookies to store the JWT tokens instead of browser's local storage. This would require the ff changes:
1. Ingest UI
- to not stor…
-
Currently, when jwt is used for authentication, the verification will pass when jwt is valid or not provided. This requirement does not apply in some scenarios:
1. During the process of adding auth…
-
I really like this approach for stateless captcha, and it definitely has its use cases where you only want to prevent automatic and unintelligent spam.
After solving a captcha once, a user can simply…
-
We need to document the authentication flow for everyone to understand how our auth works, because we are using "new" (/rare - sadly) technologies: JWT, CSRF Tokens, Http Secure Cookies etc.