sberyozkin
commented
5 years ago @readonlynetwork is the JWS token sequence is all you would need or will you also require an access to the mutual TLS client cert (not sure what you meant by the the public key is ID).
FYI, with Thorntail you can register a custom factory which can be used to override the default verification mechanism, please ask at the Thorntail or smallrye-jwt lists for more details.
readonlynetwork
Is it possible to use custom JWT verifier (in Thorntail or others)? Example.: I would like to use Elliptic Curve (EC256 in doc) instead of RS256 with additional content (public key, like self signed cert where public key is the ID)