Add certificate‑bound access tokens support to this OIDC Reference Implementation

Could mutual TLS (mTLS) client certificate‑bound access tokens (defined in [RFC 8705](https://datatracker.ietf.org/doc/html/rfc8705#section-3.1)) integration be added into NGINX's OIDC Reference implementation. An example of its implementation was provided in a recent [NGINX Plus R25 Blog Post](https://www.nginx.com/blog/nginx-plus-r25-released/#custom-jwt-validation). The OIDC Reference implementation would just need to validate that the cnf claim and client cert exists before performing the validation or provide an option to enable the feature. Please let me know if anymore detail would be helpful.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Add certificate‑bound access tokens support to this OIDC Reference Implementation #51

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Add certificate‑bound access tokens support to this OIDC Reference Implementation #51

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions