[keycloak-dev] Interesting example for trusted service to service communication with JWT
Thomas Darimont
thomas.darimont at googlemail.com
Wed Aug 24 03:57:00 EDT 2016
Hello,
just stumbled upon an (IMHO) interesting example for trusted service to
service
communication with JWT.
Microservices with Spring Boot and Java JSON Web Tokens (JJWT)
https://www.youtube.com/watch?v=saiwZzE5IYg
They use the JJWT (https://github.com/jwtk/jjwt) library and and
demonstrate how to use
the kid (Key ID) claim of JWT.
In order to establish trust between two services, public keys are exchanged
to verify
each others JWT token signatures.
So instead of using a shared public key (e.g. Realm public key in Keycloak)
they have a public key per service.
I wonder how this would look like with Keycloak.
Cheers,
Thomas
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-dev/attachments/20160824/123536fe/attachment-0001.html
More information about the keycloak-dev
mailing list