Using a signed JWT Assertion for Code Exchange #1380
Closed
markusr109
started this conversation in
Ideas
Replies: 1 comment
I have realized that I should use a public client. This question is obsolete.
-
Hi everyone,
I would like to be able to use a signed JWT assertion to exchange the authorization code for a token. That JWT should be passed to the token endpoint as-is. Just like OIDCClientSecret, the JWT should be retrievable by running an executable.
My use case is that I am deploying to AWS and I would like to use AWS outbound identity federation in combination with a federated credential on an EntraID service principal. This would make my solution completely passwordless and low maintenance. There would also be no need to manage key material in an HSM, certificates, or the signing of assertions. All of that is done by AWS.
In my understanding there is currently no way to achieve this.
Thank you!
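The code exchange requested in the post above, as an added example that is not part of the original post and not the project's own code: a JWT printed by a helper executable is sanity-checked and then passed unchanged as the `client_assertion` of an authorization-code token request, using the parameter names from RFC 7523. The function names, the helper command, the client id, the URLs and the sample token are assumptions constructed for illustration.

```python
import base64
import json
import subprocess
import sys
import time
from urllib.parse import urlencode

ASSERTION_TYPE = "urn:ietf:params:oauth:client-assertion-type:jwt-bearer"  # RFC 7523

def b64url_json(segment):
    return json.loads(base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4)))

def fetch_assertion(command, timeout=10):
    """Run the (hypothetical) helper executable and return the JWT it prints."""
    done = subprocess.run(command, capture_output=True, text=True, timeout=timeout, check=True)
    return done.stdout.strip()

def check_assertion(jwt, now=None):
    """Structural checks only; the token endpoint verifies the signature."""
    parts = jwt.split(".")
    if len(parts) != 3 or not all(parts):
        raise ValueError("not a compact JWS: expected three non-empty segments")
    header, claims = b64url_json(parts[0]), b64url_json(parts[1])
    if str(header.get("alg", "none")).lower() == "none":
        raise ValueError("unsigned assertion")
    for name in ("iss", "sub", "aud", "exp"):
        if name not in claims:
            raise ValueError("missing claim: " + name)
    if claims["exp"] <= (time.time() if now is None else now):
        raise ValueError("assertion already expired")
    return claims

def build_token_request(code, redirect_uri, client_id, jwt):
    """Form body for the code exchange; the JWT is passed through unchanged."""
    check_assertion(jwt)
    return urlencode({"grant_type": "authorization_code", "code": code,
                      "redirect_uri": redirect_uri, "client_id": client_id,
                      "client_assertion_type": ASSERTION_TYPE, "client_assertion": jwt})

def sample_jwt(exp):
    """Constructed sample token with a dummy signature, for the demo only."""
    enc = lambda o: base64.urlsafe_b64encode(json.dumps(o).encode()).rstrip(b"=").decode()
    claims = {"iss": "https://issuer.example", "sub": "workload",
              "aud": "https://idp.example/token", "exp": exp}
    return ".".join([enc({"alg": "RS256", "typ": "JWT"}), enc(claims), "c2ln"])

if __name__ == "__main__":
    jwt = fetch_assertion([sys.executable, "-c", "print(%r)" % sample_jwt(int(time.time()) + 300)])
    print(build_token_request("code123", "https://app.example/cb", "client123", jwt))
```

The helper is run from an argument list rather than through a shell, and an expired or malformed assertion is rejected locally before any request is sent.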