Widen / cloudfront-auth

An AWS CloudFront Lambda@Edge function to authenticate requests using Google Apps, Microsoft, Auth0, OKTA, and GitHub login
ISC License

JWT Signing keys are not found when application has custom signing keys in Azure AD #85

Open tuomovee opened 3 years ago

tuomovee commented 3 years ago

JWT signature validation fails to discover signing keys when the application has custom signing keys - for example due to usage of the claims-mapping feature.

This can be resolved by appending the query parameter "appid", with a value matching the client/application id, to the discovery URL.
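The workaround described in the issue, as an added example that is not part of the original comment or of the cloudfront-auth code: it appends `appid` to a discovery URL and shows a `kid` lookup failing closed against a key set that lacks the application's custom key. The function names, tenant placeholder, client id, `kid` values and both key sets are constructed assumptions.

```javascript
// Added example. All names and sample values below are constructed.
const DISCOVERY =
  'https://login.microsoftonline.com/TENANT_ID/v2.0/.well-known/openid-configuration';
const CLIENT_ID = '00000000-0000-0000-0000-000000000000'; // placeholder app id

// Append appid=<client id> to the discovery URL, keeping any existing query.
function withAppId(discoveryUrl, clientId) {
  const url = new URL(discoveryUrl);
  url.searchParams.set('appid', clientId); // set() also replaces a stale appid
  return url.toString();
}

// Read the "kid" from a JWT header. This only parses; it verifies nothing.
function kidOf(jwt) {
  const b64 = jwt.split('.')[0].replace(/-/g, '+').replace(/_/g, '/');
  return JSON.parse(Buffer.from(b64, 'base64').toString('utf8')).kid;
}

// Select the signing key for a kid; fail closed when it is absent.
function findSigningKey(jwks, kid) {
  const key = jwks.keys.find((k) => k.kid === kid && (k.use || 'sig') === 'sig');
  if (!key) throw new Error(`no signing key for kid "${kid}"`);
  return key;
}

const b64url = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64')
  .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');

// Constructed token: real header and payload encoding, placeholder signature.
const SAMPLE_TOKEN = [
  b64url({ alg: 'RS256', typ: 'JWT', kid: 'app-custom-key-1' }),
  b64url({ aud: CLIENT_ID }),
  'signature-placeholder',
].join('.');

// Constructed key sets: one without the app's custom key, one with it.
const TENANT_JWKS = { keys: [{ kty: 'RSA', use: 'sig', kid: 'tenant-key-1' }] };
const APP_JWKS = { keys: [{ kty: 'RSA', use: 'sig', kid: 'app-custom-key-1' }] };

function demo() {
  const kid = kidOf(SAMPLE_TOKEN);
  let tenantLookup;
  try { tenantLookup = findSigningKey(TENANT_JWKS, kid).kid; }
  catch (e) { tenantLookup = e.message; }
  const appLookup = findSigningKey(APP_JWKS, kid).kid;
  return { url: withAppId(DISCOVERY, CLIENT_ID), tenantLookup, appLookup };
}
console.log(demo());
```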