Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

private_key_jwt JWKS support for Generic OIDC connect #24704

Open
buznyusz opened this issue Jan 7, 2025 · 4 comments
Open

private_key_jwt JWKS support for Generic OIDC connect #24704

buznyusz opened this issue Jan 7, 2025 · 4 comments
Labels
kind/enhance New feature or request

Comments

@buznyusz
Copy link

buznyusz commented Jan 7, 2025
edited by jira bot
Loading

Strong authentication is expected in the enterprise environment, so also with OIDC, JWKS AUTH should be an auth option for OIDC server connection, in addition to the current clientID +secret

Why is solving this problem impactful?

Higher security standard

Additional notes

https://docs.pingidentity.com/pingfederate/latest/administrators_reference_guide/pf_jwks_endpoint.html

JIRA Link: CORE-8729
@buznyusz buznyusz added the kind/enhance New feature or request label Jan 7, 2025
@dotnwat
Copy link
Member

dotnwat commented Jan 8, 2025

hi @buznyusz is this something supported by Apache Kafka?

@buznyusz buznyusz changed the title JWKS support for Generic OIDC connect private_key_jwt JWKS support for Generic OIDC connect Jan 9, 2025
@buznyusz
Copy link
Author

buznyusz commented Jan 9, 2025
edited
Loading

hi @buznyusz is this something supported by Apache Kafka?

Hello
the Apache Kafka supports only the client_credential type ( clientID+Secret ) OIDC connection.
The OIDC auth is an Enterprise feature so i think we have to check other Enterprise grade competitors feature set like Confluent where the private_key JWKS AUTH is available https://docs.confluent.io/platform/current/installation/configuration/broker-configs.html#sasl-oauthbearer-clientassertion-private-key

@dotnwat
Copy link
Member

dotnwat commented Jan 9, 2025

Thanks @buznyusz ill pass this along internally

@dotnwat
Copy link
Member

dotnwat commented Jan 9, 2025

@deniscoady

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/enhance New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@dotnwat @buznyusz