Class PrivateKeyJwtAuthenticator

java.lang.Object
org.frankframework.http.authentication.AbstractOauthAuthenticator
org.frankframework.http.authentication.PrivateKeyJwtAuthenticator
All Implemented Interfaces:
IOauthAuthenticator

public class PrivateKeyJwtAuthenticator extends AbstractOauthAuthenticator
OAuth 2.0 authenticator using the private_key_jwt client authentication method, as defined in RFC 7523. Also see the Spring documentation on this topic.

A signed JWT is created using the configured private key and sent to the token endpoint as the client_assertion parameter. Both RSA and EC keys are supported.

You can use this in your configuration like this:

  <HttpSender url="..." tokenEndpoint="..."
    oauthAuthenticationMethod="PRIVATE_KEY_JWT"
    clientId="my-client-id">
    <Keystore keystoreResource="/path/to/keystore.p12"
      password="..."
      alias="my-key-alias"
      aliasPassword="..." />
  </HttpSender>

Please note, that with this setup you cannot have a separate key/certificate to be used for SSL. This will be addressed in the future to be able to have different certificates used for SSL and private key authentication

See Also: