search

TeslaGov / ngx-http-auth-jwt-module

Secure your NGINX locations with JWT
MIT License
317 stars 122 forks source link

Best practice to validate multiple JWT #47

Closed vlauciani closed 2 years ago

vlauciani commented 5 years ago

Hi

What is the best practice to validate multiple JWT?

I've a lot of users and each user have a personal JWT; each user can access to one o more 'location'/'route'. Should I create, for example, a test-jwt-nginx.conf for each user?

Thank you, Valentino

fitzyjoe commented 4 years ago

I'm not completely understanding your question. Are the JWTs all signed with the same key/secret or different ones? This module supports multiple different keys for different locations, but not multiple keys for the same location. Of course there are infinite JWTs that this module supports for the same key. I know this is an old comment but if you care to elaborate I'm interested.

JoshMcCullough commented 2 years ago

Closing this since there was no response. Feel free to reopen if needed, @vlauciani.