Differences

This shows you the differences between two versions of the page.

projects:member_portal:jwk [2025/10/06 15:51] – created samp20
projects:member_portal:jwk [2025/10/07 23:49] (current) samp20
Line 3: Line 3:
 The OpenID specification requires a JWKs endpoint to list public keys that can verify ID tokens. The OpenID specification requires a JWKs endpoint to list public keys that can verify ID tokens.
  
-TODO: Expand this with how the keys should be generated/rotated, where they're stored, what format.+Current thinking is to store them in the filesystem either in PEM or JSON format. A Flask command can be created to rotate these on a schedule. These should be stored with the correct file permissions (''o-rwx'' at a minimum). 
 + 
 +We should support the EC and RSA algorithms (EC is preferredRSA is still required by the spec).
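Review bot: The permission floor in the added storage sentence (''o-rwx'' at a minimum) still allows group read and write, and the text does not say that these files hold the private half of the signing keys. I would state owner-only access for the account the Flask app runs as, and say explicitly that the JWKs endpoint serves only the public parts derived from these files. The rotation sentence also leaves open what the removed TODO asked for: how keys are generated, and how long a retired public key stays in the JWKs listing so that ID tokens signed before a rotation still verify; a line on key identifiers and an overlap period would cover that. Committing to one of PEM or JSON would let the rotation command and the endpoint share a single loader. Minor: "EC is preferredRSA" in the last added line is missing its separator.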
  • projects/member_portal/jwk
  • Last modified: 4 hours ago
  • by samp20