Hi,
I am trying a POC where I can generate a JWT policy with multiple algorithms as needed. Can I make the Algorithm a variable value in Generate JWT policy instead of a hardcoded value?@DChiesa
I mean something like this
<Algorithm ref=’variable_name_here’/>
<Algorithm>{AL-Value}</Algorithm>
<Algorithm ref="AL-Value"/>
General Inquiry..Why do you want to do so? May be use custom java code with properties may help but why 🙂
No. OOB policy doesn't have a option for ref to read it.
just want to have a shared flow that can generate JWT with different Algorithms and sign it with private keys depending on the input from proxy .... just want to check if I can do that with OOB options.
No you cannot do that with the GenerateJWT policy.
It was considered to be a security hole, to allow dynamic specification of the algorithm in the policy configuration. The way to accomplish what you want is to use a distinct policy for each distinct algorithm. !!
User | Count |
---|---|
1 | |
1 | |
1 | |
1 | |
1 |