Uploaded image for project: 'WildFly'
  1. WildFly
  2. WFLY-12978

Current implementation of MP-JWT doesn't require claims which should be required

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Major Major
    • None
    • None
    • MP JWT
    • None

      Chapter 4.1 of MP-JWT 1.1 recommends minimal set of JWT claims which should be required.

      Current implementation doesn't check for following claims and returns 200/OK if they are missing:

      • upn
      • jti
      • groups
      • iat
      • sub

              Unassigned Unassigned
              jkasik@redhat.com Jan Kašík
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated: