Handling signed tokens - PingDirectoryProxy - PingDirectory - 9.2

PingDirectory 9.2

bundle
pingdirectory-92
ft:publication_title
PingDirectory 9.2
Product_Version_ce
PingDirectory 9.2
category
Product
pd-92
pingdirectory
ContentType_ce

The token issuer must cryptographically sign all access tokens that the JSON web token (JWT) access token validator handles. The JWT access token validator validates a token's signature using a public signing key provided by the issuer.

Configure the JWT access token validator with the issuer's public signing key:
  • Store the public key as a trusted certificate in the server's local configuration using the trusted-certificate property.
  • Provide the issuer's JSON Web Key Set (JWKS) endpoint using the jwks-endpoint-path property.
    Note:

    The JWT access token validator then retrieves the issuer's public keys when it initializes. This method ensures that the JWT access token validator uses updated copies of the issuer's public keys.