0 Replies Latest reply on Jun 11, 2019 4:41 PM by darrineth

    Elytron custom JWT header



      I'm working with wildfly-16.0.0.Final.

      I'm trying to setup a container managed authorization with JWT tokens generated by Auth0. I have followed the quickstart and created an appropriate configuration for my usecase:
      elytronConfiguraiton - Pastebin.com
      However, tokens generated by Auth0 include a custom JWT header namely "kid" which is used to identify a specific certificate.They look like this:

      exampleJWT_auth0 - Pastebin.com
      The problem is that tokens including this custom header get automatically rejected. When I prepare a token without this custom JWT header everything works just fine:
      exampleJWT_prepared - Pastebin.com

      Is there a way to tell elytron to allow for this custom JWT header?