-
Hi!
Thanks for making this awesome client library! I'm actually really curious how you are codegen-ing this, it's been a joy to use.
I was digging into the library and I found one issue that's …
-
How can I validate JWT with JWKS using jwt-scala?
My public key is provided as JWKS. Many IDaaS provides keys as JWKS.
https://www.hanko.io/blog/understanding-jwks
-
Here, we do a delete+add: https://github.com/istio/istio/blob/efbfe15a7621fc408e92f48a9717be572827e1c7/pilot/pkg/model/jwks_resolver.go#L503-L510
This can lead to cache misses, causing on-demand lo…
-
All keys available for encryption via SDK clients should be exposed with a JWKS endpoint.
Each JWK should have a property that can be used to match an attribute to a key.
relates to:
- https://…
-
We use JWT validation in our `HTTPProxy` via remote JWKS that points to OIDC provider endpoint located in a different region. Requests to JWKS endpoint take about 1 second. This means that when the JW…
-
Support for oauth and jwt and oauth authentication mechanisms was recently added which is great!
Currently for jwt authentication the key is provided directly in the configuration yaml. Another opt…
-
To handle key rotation, from what I understand it's common to have a [JSON Web Key Set](https://auth0.com/docs/secure/tokens/json-web-tokens/json-web-key-set-properties) (JWKS) file ([related standard…
-
## Summary:
A vulnerability has been discovered in the OpenID Connect JWKS (JSON Web Key Set) endpoint at *.portkey.finance/.well-known/jwks. This vulnerability allows unauthenticated access, which…
-
I'd like to use this snap alongside the Ardrive sdk https://github.com/ardriveapp/ardrive-core-js
Is it possible to export the jwk to then be read by ardrive? this doesn't seem particularly secure, b…
-
In our setup, we verify our jwt tokens on an authoriser, which we deploy on AWS as a lambda. We tried to switch to `get-jwks` but with the config we used till now (128MB of memory) we observed that it…