  1. Identity Gateway
  2. OPENIG-1742

OAuth2 private_key_jwt should have audience configurable

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 5.5.0
    • Fix Version/s: 5.5.0
    • Component/s: OAuth 2.0
    • Labels:
      None
    • Sprint:
      OpenIG Sprint 102

      Description

      Currently, the configuration of the ClientRegistration when using private_key_jwt
      does not allow modifying the aud (audience) field.

      But according to OpenID:

      aud
      REQUIRED. Audience. The aud (audience) Claim. Value that identifies the Authorization Server as an intended audience. The Authorization Server MUST verify that it is an intended audience for the token. The Audience SHOULD be the URL of the Authorization Server's Token Endpoint.

      The audience should be configurable in the ClientRegistration and must have a default value set to the URL of the Authorization Server's Token Endpoint.
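
The behaviour requested above, as an added example that is not OpenIG code and not part of the original issue: a client builds a private_key_jwt assertion whose aud falls back to the token endpoint URL unless an audience is configured, and a server applies the audience check from the quoted text. The `reg` object, the function names, the URLs and the server that accepts only its issuer URL are assumptions constructed for illustration.

```javascript
// Added example, not OpenIG code. All names and URLs are constructed.
const nodeCrypto = require('crypto');

const b64u = (s) => Buffer.from(s).toString('base64url');
const fromB64u = (s) => JSON.parse(Buffer.from(s, 'base64url').toString('utf8'));

// Client side: `reg.audience` is optional and falls back to the token endpoint
// URL, which is the default the issue asks for.
function buildClientAssertion(reg, privateKey, now = Math.floor(Date.now() / 1000)) {
  const claims = {
    iss: reg.clientId,
    sub: reg.clientId,
    aud: reg.audience || reg.tokenEndpoint,
    jti: nodeCrypto.randomUUID(),
    iat: now,
    exp: now + 60, // short-lived assertion
  };
  const input = `${b64u(JSON.stringify({ alg: 'RS256', typ: 'JWT' }))}.${b64u(JSON.stringify(claims))}`;
  const sig = nodeCrypto.sign('sha256', Buffer.from(input), privateKey);
  return `${input}.${sig.toString('base64url')}`;
}

// Server side: check the signature first, then require that at least one of the
// server's own identifiers appears in aud (string or array form).
function verifyClientAssertion(jwt, publicKey, acceptedAudiences, now = Math.floor(Date.now() / 1000)) {
  const parts = jwt.split('.');
  if (parts.length !== 3) return { ok: false, reason: 'malformed' };
  const [h, p, s] = parts;
  if (fromB64u(h).alg !== 'RS256') return { ok: false, reason: 'unexpected alg' };
  const sigOk = nodeCrypto.verify('sha256', Buffer.from(`${h}.${p}`), publicKey, Buffer.from(s, 'base64url'));
  if (!sigOk) return { ok: false, reason: 'bad signature' };
  const claims = fromB64u(p);
  const aud = [].concat(claims.aud ?? []);
  if (!aud.some((a) => acceptedAudiences.includes(a))) return { ok: false, reason: 'audience mismatch' };
  if (typeof claims.exp !== 'number' || claims.exp <= now) return { ok: false, reason: 'expired' };
  return { ok: true, claims };
}

// Constructed demo: a server that only accepts its issuer URL as audience.
function demo() {
  const { privateKey, publicKey } = nodeCrypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const reg = { clientId: 'gateway-client', tokenEndpoint: 'https://as.example.com/oauth2/access_token' };
  const issuerOnly = ['https://as.example.com/oauth2'];
  const byDefault = verifyClientAssertion(buildClientAssertion(reg, privateKey), publicKey, issuerOnly);
  const configured = verifyClientAssertion(
    buildClientAssertion({ ...reg, audience: issuerOnly[0] }, privateKey), publicKey, issuerOnly);
  return { byDefault, configured };
}
```

With the default audience the constructed server rejects the assertion, and with the configured audience it accepts it.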

              People

              • Assignee:
                violette Violette Roche Montane
                Reporter:
                violette Violette Roche Montane