[ https://issues.apache.org/jira/browse/SOLR-13713?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jan Høydahl resolved SOLR-13713. -------------------------------- Resolution: Fixed > JWTAuthPlugin to support multiple JWKS endpoints > ------------------------------------------------ > > Key: SOLR-13713 > URL: https://issues.apache.org/jira/browse/SOLR-13713 > Project: Solr > Issue Type: Improvement > Security Level: Public(Default Security Level. Issues are Public) > Components: security > Affects Versions: 8.2 > Reporter: Jan Høydahl > Assignee: Jan Høydahl > Priority: Major > Labels: JWT > Fix For: 8.3 > > Time Spent: 20m > Remaining Estimate: 0h > > Some [Identity Providers|https://en.wikipedia.org/wiki/Identity_provider] do > not expose all JWK keys used to sign access tokens through the main [JWKS > |https://auth0.com/docs/jwks] endpoint exposed through OIDC Discovery. For > instance Ping Federate can have multiple Token Providers, each exposing its > signing keys through separate JWKS endpoints. > To support these, the JWT plugin should optinally accept an array of URLs for > the {{jwkUrl}} configuration option. If an array is provided, then we'll > fetch all the JWKS and validate the JWT against all before we fail the > request. -- This message was sent by Atlassian Jira (v8.3.2#803003) --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org