You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Introduce a property mp.jwt.introspection.address (or similarly named) which will be used to introspect the token remotely. It can be useful when dealing with the inner-signed or encrypted tokens produced by OpenId Connect providers.
It may need to be aligned with the current standartization effort to return the introspection responses as JWT.
Or the introspection response may be converted into JWT, example, username can be turned into preferred_username, scope into groups (or into scope claim with it also being recognized at the MP JWT level), etc.
Teddy @teddyjtorres pointed out that it is not easy right now for the MP JWT endpoint to acquire the private keys required to deal with the inner-signed/encrypted tokens
The text was updated successfully, but these errors were encountered:
Introduce a property
mp.jwt.introspection.address(or similarly named) which will be used to introspect the token remotely. It can be useful when dealing with the inner-signed or encrypted tokens produced by OpenId Connect providers.It may need to be aligned with the current standartization effort to return the introspection responses as JWT.
Or the introspection response may be converted into JWT, example,
usernamecan be turned intopreferred_username,scopeintogroups(or intoscopeclaim with it also being recognized at the MP JWT level), etc.Teddy @teddyjtorres pointed out that it is not easy right now for the MP JWT endpoint to acquire the private keys required to deal with the inner-signed/encrypted tokens
The text was updated successfully, but these errors were encountered: