New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Bug]: Not able to connect Yahoo because of ES256 #4899
Comments
Hm good question. There discover document clearly shows RSA Support. With a quick glance i did not see how to switch this 🙈 Maybe @livio-a has an idea. Might influence #4431 |
Some OpenID Connect Providers like netID allow the selection in the application creation interface but I couldn't find anything there at Yahoo... I send them (Yahoo) a Mail about it - lets see if they respond. But couldn't Zitadel also support ES256? It seems like many Providers use ES256 as default (e.g. netID also uses ES256 besides RS256) BTW: Off-topic but when a OpenID Connect Provider only allows one Callback URL, which one should I use - the Zitadel Register or Login Callback URL? |
Hi @CMiksche |
@hifabienne i rechecked the implementation. It's already possible to handle token signatures other than RS256, but it's currently not that dynamic as needed. I'll add some info the oidc issue. Regardless of that, ZITADEL only need to update the library afterwards. |
So I will close this issue since we track the progress in zitadel/oidc#259 |
Preflight Checklist
Environment
Self-hosted
Describe the bug
I want to connect Yahoo as a OpenID Connect Provider to my Zitadel Instance.
Yahoo itself describes that "ES256" and "RS256" is supported.
But when I try to connect as a User after setting up a App at Yahoo, I get the following:
signature algorithm not supported: id token signed with unsupported algorithm, expected ["RS256"] got "ES256"
To reproduce
Screenshots
No response
Expected behavior
No response
Version
2.16.0
Operating System
No response
Relevant Configuration
No response
Additional Context
No response
The text was updated successfully, but these errors were encountered: