I want to increase the defaults for signature algorithm.

[nannany]

Preflight Checklist

• I could not find a solution in the existing issues, docs, nor discussions
• I have joined the ZITADEL chat

Describe your problem

I am using zitadel/oidc to create an OpenID Provider.
I believe the library intends that the VerifyJWTAssertion function is called when client authentication is done with private_key_jwt.
However, this function currently only supports RS256 since the supportedSigAlgs argument is nil when executing the CheckSignature function.
Therefore I would like to sign with ES256, which is not possible.

Describe your ideal solution

Since the FAPI states that PS256 or ES256 is recommended, why not support PS256 or ES256 if it is not specified here as well?

Version

v3.22.1

Environment

Self-hosted

Additional Context

No response

[hifabienne]

I think this is a duplicate of the following issue? #259
@muhlemmer @livio-a am I right? In that case I would close the issue here, to avoid duplicates

[muhlemmer]

closed by #606