Question
· May 25, 2017

Does or will Caché support RFC 7523

Unless I'm mistaken, 2017.1 doesn't appear to support RFC 7523 (JSON Web Token Profile for OAuth 2.0 Client Authentication and Authorization Grants).  Is that coming in 2017.2?

In order to support it in 2017.1, I'd have to override the OAuth 2.0 token endpoint to cater for the additional grant types - what's the best way to do this?

 

Thanks.

Discussion (3)0
Log in or sign up to continue

RFC 7523 specifies the use of a JWT both as an authentication mechanism for a client and as a grant type to obtain an access token.  Cache supports the use of a JWT for client authentication in 2017.1.  There are currently no plans to support the JWT grant type for obtaining an access token.  This is a reasonable enhancement request..  I suggest that you make the request through the WRC including more background on your intended use.  Then priority can be set.

If you decide to add this support yourself, you should change OAuth2.REST to send the token endpoint request to your new class instead of OAuth2.Server.Token.  The method in your new class can check for JWT case and process it or otherwise forward to OAuth2.Server.Token:Process.  The OAuth2.Server.Token: CheckJWTAuthorization method has code which might help you learn how to handle JWT.  Of course, the usual caveats apply to this approach.