Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use RS256 instead of HS256 as the default OpenID Connect sign algorithm #118

Open
alextreme opened this issue Nov 5, 2024 · 0 comments
Open

Use RS256 instead of HS256 as the default OpenID Connect sign algorithm #118

alextreme opened this issue Nov 5, 2024 · 0 comments
Assignees
@danielmursa-dev

Comments

@alextreme
Copy link
Member

In a number of our projects we integrate OIDC (Azure, Keycloak, Signicat-DigiD, Signicat-eHerkenning). AFAIK for all of these integrations we need to set the OIDC sign algorithm from HS256 to RS256.

I'd like to propose that we set RS256 as the default

Auth0 also uses RS256 as default value:

https://community.auth0.com/t/jwt-signing-algorithms-rs256-vs-hs256/7720/3
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@danielmursa-dev danielmursa-dev

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@alextreme @danielmursa-dev