Re: [keycloak-user] HS256 Shared Secret
Is there any way we can use RSA for signing refresh tokens instead of HS256?
Thanks
Nithin
On 9/23/19, 8:25 AM, "keycloak-user-bounces(a)lists.jboss.org on behalf of Nick
Powers" <keycloak-user-bounces(a)lists.jboss.org on behalf of sshscp(a)gmail.com>
wrote:
[External Email]
________________________________
I suggest using RSA instead of HS256. With RSA you can confirm the the
authenticity of the JWT by using Keycloak's public key. The url
https://<keycloak-server>/auth/realms/<realm>
contains a json response with the public key.
On Mon, Sep 23, 2019 at 5:02 AM Stian Thorgersen <sthorger(a)redhat.com>
wrote:
Keycloak does not support a shared secret at the moment. Tokens
signed with
HS256 can only be verified by Keycloak.
Why are you asking?
On Fri, 20 Sep 2019, 19:30 Sam Lewis, <sam(a)focus21.io> wrote:
> How do you retrieve and HS256 shared secret?
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user