Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Question]: How can I support an OIDC flow with encrypted JWT Tokens? #1603

Open
tanandre opened this issue Nov 22, 2022 · 1 comment
Open

[Question]: How can I support an OIDC flow with encrypted JWT Tokens? #1603

tanandre opened this issue Nov 22, 2022 · 1 comment
Labels
question

Comments

@tanandre
Copy link

What Version of the library are you using?
13.1.0

Question
How can I support an OIDC flow with encrypted JWT Tokens.

I tried to find out if there is support for encrypted tokens and I believe there isn't (but please correct me if I'm wrong). If we have a back-end service that can decrypt the token is there a way we can get the OIDC flow working?
@FabianGosebrink FabianGosebrink changed the title [Question]: [Question]: How can I support an OIDC flow with encrypted JWT Tokens? Nov 23, 2022
@damienbod
Copy link
Owner

You can use encrypted access tokens. You cannot use encrypted id_tokens because this needs to be opened and used by the SPA. Encrypting the id_token in SPA does not increase the securtiy.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
question
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@damienbod @tanandre