. Feedback on this PR would
On Thu, 18 Apr 2019 at 09:13, Guillaume HOUDMON <
We are currently studying how to encrypt tokens with JWE. There is the JIRA
KEYCLOAK-6768 that addresses this topic. But it does not seem that there
was any work to start on it.
A beginning of support has already been done to encrypt the code (see
Inspired by what is done for the signature, I plan to add a section in the
client page "Encryption Tokens Configuration" to select the algorithms by
types of tokens, and set the encryption key (paste or jwks url).
We would add 2 SPIs: jwe-key-encryption and jwe-content-encryption.
With my colleagues, we would complete the algorithms (RSA-OAEP,
RSA-OAEP-256 and A128GCM, A192GCM, A256GCM).
In a second step, we could also contribute for the support in Java
Does this approach seem relevant to you?
Should we go through a design proposal?
keycloak-dev mailing list