[OPENAM-11252] Documentation still mention JWT as grant type which support for has been removed Created: 07/Jun/17 Updated: 25/Sep/19
|Affects Version/s:||12.0.5, 13.5.1, 14.0.0, 14.1.0, 14.5.0, 5.5.1, 6.0.0|
|Fix Version/s:||12.0.5, 13.5.1, 14.0.1, 14.1.0, 14.5.0|
|Labels:||AME, DocsSustaining, SHAKESPEARE|
|Remaining Estimate:||Not Specified|
|Time Spent:||Not Specified|
|Original Estimate:||Not Specified|
We have removed support for the JWT Bearer grant type due to the implementation not being complete and it introducing a security issue, so we no longer implement https://tools.ietf.org/html/rfc7523#section-2.1, section-2.2 is still implemented.
Our docs need to be updated to reflect this as they still mention JWT as grant type: https://ea.forgerock.com/docs/openam/doc/backstage/oauth2-guide/index.html#oauth2-jwt-bearer
|Comment by Gene Hirayama [ 21/Jun/17 ]|
|Comment by Chris Lee [ 01/Jun/18 ]|
Might be coming back to the product, have linked AME-16114 which is awaiting triage.