diff --git a/src/Zitadel/Authentication/Options/ZitadelApiOptions.cs b/src/Zitadel/Authentication/Options/ZitadelApiOptions.cs index 7774cc03..2c21cb68 100644 --- a/src/Zitadel/Authentication/Options/ZitadelApiOptions.cs +++ b/src/Zitadel/Authentication/Options/ZitadelApiOptions.cs @@ -29,6 +29,13 @@ public class ZitadelApiOptions /// public BasicAuthentication? BasicAuthCredentials { get; set; } + /// + /// Correlates with . If the API application uses + /// a private key JWT (recommended), this property can be set to pass the + /// application object itself instead of a key path or key content. + /// + public Application? JwtProfile { get; set; } + /// /// If the API application uses a private key JWT (recommended) to authenticate /// itself against the IAM API, use this property to provide the key information. diff --git a/src/Zitadel/Authentication/Validation/ZitadelApiValidator.cs b/src/Zitadel/Authentication/Validation/ZitadelApiValidator.cs index e12349f2..16131b0f 100644 --- a/src/Zitadel/Authentication/Validation/ZitadelApiValidator.cs +++ b/src/Zitadel/Authentication/Validation/ZitadelApiValidator.cs @@ -14,6 +14,7 @@ #if NET5_0_OR_GREATER using System.Net.Http.Json; + #elif NETCOREAPP3_1_OR_GREATER using System.Text.Json; #endif @@ -148,17 +149,18 @@ public override ClaimsPrincipal ValidateToken( private Func RequestConstructor() { _oidcConfiguration ??= _configuration.GetConfigurationAsync().Result; - if (_options.BasicAuthCredentials == null && _options.JwtProfileKey == null) + if (_options.BasicAuthCredentials == null && _options.JwtProfileKey == null && _options.JwtProfile == null) { throw new ApplicationException( "Neither BasicAuth nor JwtPrivateKey credentials configured in Zitadel API authentication."); } - if (_options.JwtProfileKey != null) + if (_options.JwtProfileKey != null || _options.JwtProfile != null) { - var app = _options.JwtProfileKey.Content != null - ? Application.LoadFromJsonString(_options.JwtProfileKey.Content) - : Application.LoadFromJsonFile(_options.JwtProfileKey.Path ?? string.Empty); + var app = _options.JwtProfile ?? + (_options.JwtProfileKey?.Content != null + ? Application.LoadFromJsonString(_options.JwtProfileKey.Content) + : Application.LoadFromJsonFile(_options.JwtProfileKey?.Path ?? string.Empty)); string? jwt = null;