Loading...

XML

Word

Printable

Type: Enhancement
Resolution: Unresolved
Priority: Major
Fix Version/s: None
Affects Version/s: None
Component/s: Gateway
Labels:
None

Blocked:
False
Blocked Reason:

Hide

None

Show
None
Ready:
False
3Scale PT Tested upstream:
Not Started
3scale PT Docs:
Not Started
3scale PT Product Specs:
Not Started
3scale PT Product Update Ready:
Not Started
3scale PT Released In Saas:
Not Started
3scale PT Verified Product:
Not Started
Target Release:

2.17.0 GA
Intelligence Requested:
Market:

Sprint:
RHOAM Sprint 71, RHOAM Sprint 72

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

In https://issues.redhat.com/browse/THREESCALE-11015 we introduce 2 new method to inspect token. Using

private_key_jwt
client_secret_jwt

When using client_secret_jwt, we signed token with RS256 algorithm, however with recent work done for https://issues.redhat.com/browse/THREESCALE-11474 we can now also sign the token with ES256.

This is also the requirement for FAPI advance profile

For JWS, both clients and authorization servers

* shall use PS256 or ES256 algorithms;

* should not use algorithms that use RSASSA-PKCS1-v1_5 (e.g. RS256); and

* shall not use none.

Assignee:: Unassigned

Reporter:: An Tran

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Created:: 2025/02/03 6:35 AM

Updated:: 2025/04/14 7:21 AM