Uploaded image for project: 'Keycloak'
  1. Keycloak
  2. KEYCLOAK-7512

OAuth 2.0 Mutual TLS Client Authentication

    XMLWordPrintable

Details

    • Feature Request
    • Status: Closed
    • Major
    • Resolution: Duplicate
    • 4.0.0.Beta3
    • None
    • OIDC
    • None
    • NEW
    • NEW

    Description

      With the KEYCLOAK-6771 we have now support for "OAuth2 Mutual TLS Sender Constrained Access Tokens" on server-side. This is in the section 3 of this specification: https://tools.ietf.org/html/draft-ietf-oauth-mtls-07#section-3 .

      Will be good to have support for OAuth 2.0 Mutual TLS Client Authentication - there are 2 ways of doing it described in the section 2 - https://tools.ietf.org/html/draft-ietf-oauth-mtls-07#section-2 . Will be nice to support them on both server side and adapter's side.

      I am not sure if this will require changes to the Client Authentication SPI (both server and adapter side).

      Attachments

        Issue Links

          Activity

            People

              Unassigned Unassigned
              mposolda@redhat.com Marek Posolda
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: