[keycloak-dev] Realm key pair
Bruno Oliveira
bruno at abstractj.org
Thu Apr 3 10:32:43 EDT 2014
I see. I was just wondering if is possible to avoid the key pair exposition and if the idea is valid. For our clients, establish a key agreement (ECDH for example) and use the shared key to sign JSON[1].
Does it make sense?
[1] - http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-25#section-4.6.1
--
abstractj
On April 2, 2014 at 4:27:29 PM, Bill Burke (bburke at redhat.com) wrote:
> > Not sure what you mean. The keypair is for the realm. When you
> create
> a realm this keypair is automatically generated. The only reason
> it
> exists in the example imported json files is so that the example
> adapter
> configs can run out of the box.
More information about the keycloak-dev
mailing list