panva / openid-client

OAuth 2 / OpenID Connect Client API for JavaScript Runtimes
MIT License

Message-Level Encryption support #246

Closed tpimh closed 4 years ago

tpimh commented 4 years ago

Message-Level Encryption is required by some OpenID providers. Here is a brief description of MLE. It doesn't seem to be supported by node-openid-client.

If I'm wrong and it really can support it, a simple example would be much appreciated!

panva commented 4 years ago

Signed and/or encrypted ID Tokens and JWT Userinfo responses are fully supported - all algs and encs JOSE has registered. You just have to set the corresponding IANA-registered client metadata and provide the jwks the provider will encrypt to.

https://github.com/panva/node-openid-client/blob/master/docs/README.md#new-clientmetadata-jwks-options
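
The flow the reply above describes, as an added example that is not part of the thread and is not openid-client code: the client registers encryption metadata plus a public JWK, the provider encrypts to that key, and the client decrypts with the private half. It uses only Node's built-in `crypto`; the `client_id`, `kid`, helper names and the simulated provider side are assumptions for illustration.

```javascript
// Added example (not from the thread). Uses only Node's built-in crypto.
const crypto = require('node:crypto');
const b64u = (buf) => Buffer.from(buf).toString('base64url');
const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// IANA-registered client metadata that asks the provider for an encrypted ID Token.
const clientMetadata = {
  client_id: 'example-client', // constructed placeholder
  id_token_encrypted_response_alg: 'RSA-OAEP-256',
  id_token_encrypted_response_enc: 'A256GCM',
};
// Client: create the encryption key pair; only publicJwks is given to the provider.
function generateClientKeys() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const tag = { kid: 'enc-1', use: 'enc', alg: 'RSA-OAEP-256' }; // constructed kid
  const asJwks = (key) => ({ keys: [{ ...key.export({ format: 'jwk' }), ...tag }] });
  return { privateJwks: asJwks(privateKey), publicJwks: asJwks(publicKey) };
}

// Provider (simulated): wrap a fresh content key to the client's public JWK.
function encryptForClient(plaintext, jwk) {
  const header = b64u(JSON.stringify({ alg: jwk.alg, enc: 'A256GCM', kid: jwk.kid }));
  const cek = crypto.randomBytes(32);
  const iv = crypto.randomBytes(12);
  const pub = crypto.createPublicKey({ key: jwk, format: 'jwk' });
  const wrapped = crypto.publicEncrypt({ key: pub, ...OAEP }, cek);
  const cipher = crypto.createCipheriv('aes-256-gcm', cek, iv);
  cipher.setAAD(Buffer.from(header, 'ascii')); // protected header is authenticated
  const ct = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return [header, b64u(wrapped), b64u(iv), b64u(ct), b64u(cipher.getAuthTag())].join('.');
}

// Client: accept only the registered alg/enc, then unwrap and decrypt.
function decryptForClient(jwe, privateJwks) {
  const [header, wrapped, iv, ct, tag] = jwe.split('.');
  const { alg, enc, kid } = JSON.parse(Buffer.from(header, 'base64url').toString());
  if (alg !== clientMetadata.id_token_encrypted_response_alg ||
      enc !== clientMetadata.id_token_encrypted_response_enc) {
    throw new Error('unexpected JWE alg/enc');
  }
  const jwk = privateJwks.keys.find((k) => k.kid === kid);
  if (!jwk) throw new Error('no key for kid ' + kid);
  const priv = crypto.createPrivateKey({ key: jwk, format: 'jwk' });
  const cek = crypto.privateDecrypt({ key: priv, ...OAEP }, Buffer.from(wrapped, 'base64url'));
  const decipher = crypto.createDecipheriv('aes-256-gcm', cek, Buffer.from(iv, 'base64url'));
  decipher.setAAD(Buffer.from(header, 'ascii'));
  decipher.setAuthTag(Buffer.from(tag, 'base64url')); // final() throws if the tag fails
  return Buffer.concat([decipher.update(Buffer.from(ct, 'base64url')), decipher.final()]).toString('utf8');
}
```

In a real deployment the plaintext is the provider's signed ID Token (a nested JWT), and the private JWK Set never leaves the client.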