Uploaded image for project: 'WildFly Elytron'
  1. WildFly Elytron
  2. ELY-2202

Make it possible to handle opaque access tokens for OIDC

    XMLWordPrintable

Details

    • Task
    • Status: Open (View Workflow)
    • Major
    • Resolution: Unresolved
    • None
    • None
    • None
    • None

    Description

      The OpenID Connect spec doesn't specify the required format for access tokens. Some OpenID providers like Keycloak and Okta use JWTs for access tokens. Open Liberty uses opaque access tokens by default but can be configured to use JWTs. Google uses opaque access tokens. 

      The current OIDC implementation assumes JWTs for access tokens. We need to update this to handle opaque access tokens as well.

      Attachments

        Issue Links

          Activity

            People

              fjuma1@redhat.com Farah Juma
              fjuma1@redhat.com Farah Juma
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated: