Closed c00 closed 7 months ago
This issue has been automatically marked as stale because it has not had activity in 1 year. It will be closed in 7 days if no further activity occurs. Thanks!
This issue was closed because it had no activity for over 1 year.
The current implementation uses (I think) HMAC signing for the JWT signatures. I would love an option to use the RSA (public / private key) variation for signing as well. JWT does support this by default.
The benefit is that external sources would be able to validate a token as well, without needing to share the signing secret.