Open muhammadnizami opened 3 months ago
@muhammadnizami Could you confirm if that cited line is an error or a warning? This report seems similar to #654, and the issue reporter there said that that it was a warning
But either way, yes, it probably makes sense to provide an static key that works with ES256 for the convenience of users not running mockpass with their own JWKS endpoint
When trying to access
GET /corppass/v2/authorize
I'm using one of the keys given instatic/certs/oidc-v2-rp-secret.json
. The signing JWK given there uses ES512 algorithm and P-512 curve. The problem is, if I use that, I get this error fromGET /corppass/v2/authorize/
endpoint:The client_assertion alg ES512 does not meet required token_endpoint_auth_signing_alg_values_supported [ 'ES256' ]