JWT Profile for OAuth 2.0 Client Authentication and Authorization Grants #580
Labels
type: feature request
‘Nice-to-have’ improvement, new feature or different behavior or design.
Comments
This was referenced Dec 29, 2020
yoshi-automation
added
triage me
chingor13
added
the
type: feature request
yoshi-automation
removed
triage me
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is your feature request related to a problem? Please describe.
There is no support for using JWT as a client_assertion for getting an access token.
Describe the solution you'd like
Currently the client library allows for client secret based authentication. I would like to support JWT, according to RFC7523: https://tools.ietf.org/html/rfc7523.
In particular, this is used for server to server authentication with many EMR (Electronic Medical Record) systems.
I have an implementation ready for a PR, implemented as a HttpExecuteInterceptor, as done in ClientParametersAuthentication
Describe alternatives you've considered
I could implement this using raw HTTP client such as OKHttp. In fact, I have an working implementation.
Additional context
The text was updated successfully, but these errors were encountered: