Details
-
Feature Request
-
Status: Closed
-
Major
-
Resolution: Duplicate
-
4.0.0.Beta3
-
None
-
None
-
NEW
-
NEW
Description
With the KEYCLOAK-6771 we have now support for "OAuth2 Mutual TLS Sender Constrained Access Tokens" on server-side. This is in the section 3 of this specification: https://tools.ietf.org/html/draft-ietf-oauth-mtls-07#section-3 .
Will be good to have support for OAuth 2.0 Mutual TLS Client Authentication - there are 2 ways of doing it described in the section 2 - https://tools.ietf.org/html/draft-ietf-oauth-mtls-07#section-2 . Will be nice to support them on both server side and adapter's side.
I am not sure if this will require changes to the Client Authentication SPI (both server and adapter side).
Attachments
Issue Links
- is related to
-
KEYCLOAK-7635 Authenticate clients with x509 certificate
-
- Closed
-
-
KEYCLOAK-11252 Implement Server Metadata of OAuth 2.0 Mutual TLS Client Authentication
-
- Closed
-
- relates to
-
KEYCLOAK-6771 Holder of Key mechanism: OAuth 2.0 Certificate Bound Access Tokens
-
- Closed
-
-
KEYCLOAK-7997 Implement Client Registration Metadata based on Mutual TLS
-
- Closed
-