Problem
Private key JWT is a client assertion mechanism available for confidential client applications. In this mechanism, the JWT is generated using a JSON payload (which includes information about the client application and token metadata) and the generated private key of the client. As mentioned in the spec, a generated JWT can only be used once, unless agreed to allow the reuse of the token [1]. Identity Server has given this capability of reusing the private key JWT via an organization-wide config. As this is an organization-wide config, all applications registered under the organization are bound to this config.
Improvement
Depending on the level of security an application needs, the reusability of the token should be adjustable at the application level. Therefore we need to introduce an application-level configuration to allow reuse of the private key JWT.
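The requested behaviour, sketched as an added example that is not Identity Server code and not part of the original issue: a `jti` replay check in which an application-level setting overrides the organization-wide one. The class names, the `app_overrides` map and the sample client IDs are hypothetical, and the assertion's signature, issuer and audience are assumed to have been verified before `check` is called.

```python
import time

class ReusePolicy:
    """Organization-wide default with an optional per-application override."""
    def __init__(self, org_allow_reuse, app_overrides=None):
        self.org_allow_reuse = org_allow_reuse
        # client_id -> bool; hypothetical application-level setting
        self.app_overrides = dict(app_overrides or {})

    def allows_reuse(self, client_id):
        # The application-level value wins; otherwise fall back to the org config.
        return self.app_overrides.get(client_id, self.org_allow_reuse)

class AssertionReplayGuard:
    """Tracks jti values of already-verified client assertions until they expire."""
    def __init__(self, policy):
        self.policy = policy
        self._seen = {}  # (client_id, jti) -> exp

    def check(self, claims, now=None):
        now = time.time() if now is None else now
        client_id, jti, exp = claims.get("sub"), claims.get("jti"), claims.get("exp")
        if not client_id or not jti or exp is None:
            return "rejected: missing claim"
        if exp <= now:
            return "rejected: expired"
        # Drop entries whose assertion can no longer be presented anyway.
        self._seen = {k: e for k, e in self._seen.items() if e > now}
        key = (client_id, jti)
        if key in self._seen and not self.policy.allows_reuse(client_id):
            return "rejected: jti already used"
        self._seen[key] = exp
        return "accepted"

def demo():
    # Constructed sample: the org allows reuse, one sensitive app opts out.
    policy = ReusePolicy(org_allow_reuse=True, app_overrides={"payments-app": False})
    guard = AssertionReplayGuard(policy)
    results = []
    for client in ("payments-app", "reporting-app"):
        claims = {"iss": client, "sub": client, "jti": "jti-001", "exp": 1300}
        results.append((client, guard.check(claims, now=1000), guard.check(claims, now=1010)))
    return results

if __name__ == "__main__":
    for row in demo():
        print(row)
```

Keying the cache on the pair of client ID and `jti` keeps one application's identifiers from colliding with another's, and entries only need to live until the assertion's `exp`.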