-
### Description
The context is IAM integration and validating user tokens (JWT) provided by the identity provider. When a JWT is returned, it may be signed (depending on the identity provider). T…
-
[This issue is imported from pivotal - Originaly created at Jan 10, 2022 by Bart Geesink](https://www.pivotaltracker.com/story/show/180861173)
Delete van een oath2_rs entity gaat niet goed, er wordt …
-
I am following https://www.baeldung.com/spring-security-oauth-auth-server Post for implementing Auth server, resource server, client server implementation. I am getting auth code in return when login …
-
### Describe the bug?
We are seeing the following error after upgrading an API from SDK version 16.0.0 to 19.0.0.
After an hour the SDK fails to obtain a new access token via private key authent…
-
**Expected Behavior**
When there a multiple filter chains configured for any request, Spring Security should make it as easy as possible for the user to correct their configuration mistake by clear…
-
### Issue submitter TODO list
- [X] I've looked up my issue in [FAQ](https://ui.docs.kafbat.io/faq/common-problems)
- [X] I've searched for an already existing issues [here](https://github.com/kafbat…
-
Some requests to the backend are being rejected with a `401` response code.
The backend logs following exception:
```
The resource owner or authorization server denied the request. {"exception":…
-
**Goal:** Migrate all databases to only leverage managed identity by default.
Some overall design considerations:
## Token vs. passwords
With managed identity, a key exchange is performed to retrie…
-
**Describe the bug**
Both the `SpringOpaqueTokenIntrospector` and `NimbusOpaqueTokenIntrospector` use the `clientId` and `clientSecret` to authenticate the calls to the authorization server.
This …
-
**Expected Behavior**
The OAuth2 Resource server should have a way to cache tokens (such as JWT) to avoid validating the tokens for every requests.
**Current Behavior**
Currently, there is no way…
Kieun updated
4 months ago