Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[FEATURE] usage of JWKS with JWT (without using OpenID connect) #4974

Open
Rishav9852Kumar opened this issue Dec 17, 2024 · 1 comment
Open

[FEATURE] usage of JWKS with JWT (without using OpenID connect) #4974

Rishav9852Kumar opened this issue Dec 17, 2024 · 1 comment
Assignees
@Rishav9852Kumar
Labels
enhancement New feature or request triaged Issues labeled as 'Triaged' have been reviewed and are deemed actionable.

Comments

@Rishav9852Kumar
Copy link

Rishav9852Kumar commented Dec 17, 2024
edited
Loading

Description :
An enhancemenet of usage of JWKS with JWT (w/o OpenID connect)
to enable de-coupling between HTTPJwtAuthenticator and HTTPJwtKeyByOpenIdConnectAuthenticator
So this usage of JWKS with JWT could be extended to the JWT backend instaed of OIDC auth backend

What solution would you like?
Extending auth with jwks_uri parameter in JWTs Configuring (inseted of depending on openid in HTTPJwtKeyByOpenIdConnectAuthenticator)

What alternatives have you considered?
#2808

Do you have any additional context?
#2708 (comment) (Moving JWKS completely inside HTTPJwtAuthenticator)
@Rishav9852Kumar Rishav9852Kumar added enhancement New feature or request untriaged Require the attention of the repository maintainers and may need to be prioritized labels Dec 17, 2024
@cwperks
Copy link
Member

cwperks commented Dec 17, 2024

Thank you for filing this issue @Rishav9852Kumar. For anyone coming across this issue, this is currently possible using the openid backend as outlined in the documentation here: https://opensearch.org/docs/latest/security/authentication-backends/jwt/#using-a-jwks-endpoint-to-validate-a-jwt

This issue is about supporting it directly in the jwt backend as requested in #1858 (comment)

@cwperks cwperks added triaged Issues labeled as 'Triaged' have been reviewed and are deemed actionable. and removed untriaged Require the attention of the repository maintainers and may need to be prioritized labels Dec 23, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Rishav9852Kumar Rishav9852Kumar

Labels
enhancement New feature or request triaged Issues labeled as 'Triaged' have been reviewed and are deemed actionable.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@cwperks @Rishav9852Kumar