Will there be support for OAuth2 JWTs signed with EC256?

Hello,

we evaluating Solace as a Pub-Sub-Broker for our infrastructure. We want to use our authorization server with the OAuth2 Client Credential Grant for client authentication and scopes for authorisation. The server issued JWTs signed with the EC256 algorithm. I understand that the OAuth provider is only available with MQTT which is fine, but the missing ECDSA support is a problem. So I have 2 questions:

1) Will there be ECDSA support in a future version coming?
2) Is the client credential grant supported with password like OPENID~~?

Thanks,
Daniel

Tagged:

Answers

  • pkondrat
    pkondrat Member, Employee Posts: 27 Solace Employee

    Hi Daniel,

    PubSub+ Event Broker currently supports RS256, RS384 and RS512 as signing algorithms for JWTs. There is currently no support for EC256.

    For a client connecting using OAuth/OIDC, the token grant method is under the control of the application. The application is expected to get the token(s) by whatever grant method is most appropriate and then use the password to encode the token so that it can be transferred to the broker. Your application could use a client credentials grant to get the token(s) and then pass those to the broker in the password.

    Best Regards,
    Paul