IDTokenSignatureValidationValve
Warning
This valve is usually used with the legacy OIDC authenticators. If that is the case, it is recommended to plan for migrating the authenticator to the new protocol-agnostic authenticator architecture, where this valve is no longer needed because its functionality is already built in. More information about the legacy authenticators can be found here.
Note
Parses a JWT ID token and validates its signature. Use this valve when acting as an OIDC RP.
Properties
Name | Description | Default value | Mandatory | Supports property expansion |
---|---|---|---|---|
token_parameter | Where to find the access token. Formatted according to RFC 7519. | id_token | Yes | Yes |
internal_op_id_key | Internal ID of the OIDC OP used for signature validation | internal_op_id_key | Yes | No |
Example Configuration
{
  "name": "IDTokenSignatureValidationValve",
  "config": {
    "token_parameter_key": "id_token",
    "internal_op_id": "123456"
  }
}
Requirements
The OpenID Connect provider (OP) must be known to the system.