Forum Discussion
Marvin
Cirrocumulus
Jul 27, 2021F5 Oauth server introspect JWT access token from external server
dear all, I already have setup a F5 as oauth client, F5 as oauth server (AS) and F5 as API gateway where F5 performs the introspect internally in its oauth database. So that is all working fine. ...
Marvin
Cirrocumulus
Aug 06, 2021The answer is to use the JWKS endpoint and verify the JWT kid signature value and perform a modulus check. So there is no need to contact the introspect endpoint.
https://medium.com/trabe/validate-jwt-tokens-using-jwks-in-java-214f7014b5cf
https://software-factotum.medium.com/validating-rsa-signature-for-a-jws-10229fb46bbf
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects