You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In this case, you should implement a custom authenticator proc which also fetches the RSA public keys and caches them respectively. I'm unsure how you determine which RSA key to use for verification for which runtime JWT. But if there is no way to detect it properly, you could probe each one until you find a valid combination.
This functionality could be interesting for others I guess. I will keep this issue open as a feature request. But it is doable with the library and custom code right now.
So some providers (e.g. google/firebase) is using a JSON file to expose multiple x509 public keys instead of one plain file.
The text was updated successfully, but these errors were encountered: