From: Krzysztof B. <kb...@un...> - 2023-10-27 07:17:13
Hi Sander,

On 27.10.2023 at 07:14, Sander Apweiler wrote:
> Hello Krzysztof,
> hello Roman,
>
> one of our connected clients is using Ceph as storage backend and it
> requires the certificate which was used to sign the token. According to
> https://openid.net/specs/openid-connect-discovery-1_0-21.html#ProviderMetadata
> and https://datatracker.ietf.org/doc/html/rfc7515#section-4.1.6
> certificates can be added as optional x5c attribute.
> Since I didn't find anything in the manual and nothing in the endpoint
> configuration, I assume it is not (yet) possible. Can you correct me if
> I'm wrong or give your thoughts about a possible extension?
>

Yes, Unity only puts bare keys in OIDC metadata.

Yes, an enhancement to also add a full certificate looks fine.

Best,
Krzysztof