JWT for an access_token

By: Maks Molter user 09 Feb 2016 at 4:31 a.m. CST

6 Responses
Maks Molter gravatar
Is it possible to configure Gluu server (using 2.4.1) so that it will also issue the client access_tokens as JWTs? From my experience, it seems to be impossible to do so using web gui, but is there another way that I am missing apart from messing with oxAuth code?
None
closed

Answers

By Yuriy Zabrovarnyy staff 09 Feb 2016 at 5:43 a.m. CST

Copy
Yuriy Zabrovarnyy gravatar
It is not possible to configure 2.4.1 Gluu Server to issue ```access_token``` as JWT. We may introduce such possibility in future.

By Maks Molter user 09 Feb 2016 at 7:40 a.m. CST

Copy
Maks Molter gravatar
Will sure be happy to see this feature. Thank you for quick reply.

By Michael Schwartz Account Admin 09 Feb 2016 at 8:45 a.m. CST

Copy
Michael Schwartz gravatar
We are upgrading UMA to grant RPT token as encrypted JWT. We also are building a new OAuth2 token called the Gluu Access Token that will be an encrypted JWT. But it makes no sense to me to make the OpenID Connect access token an encrypted JWT. If you have such a use case, please describe it.

By Paul Haggerty user 19 Jan 2017 at 12:17 p.m. CST

Copy
Paul Haggerty gravatar
I see the support question is closed but I was wondering if version 2.4.4 now supports access tokens in JWT format? I need this feature as well. Not sure why it wouldn't make sense either. The 3GPP specs that I'm implementing require OpenId Connect access tokens in JWT form. thanks

By Malcolm McRoberts Account Admin 14 May 2018 at 11:16 a.m. CDT

Copy
Malcolm McRoberts gravatar
I'm wondering the same for version 3.1.2 . I see a lot of other OIDC providers are supporting this.

By Thomas McAvoy user 17 Jul 2018 at 6:17 p.m. CDT

Copy
Thomas McAvoy gravatar
Mike many of the down(or upstream) applications expect encrypted accestokens - many docker services are built to use envrypted and signed jwt --

Post an answer