Support to fetch the JWKS from different location than /.well-known/jwks.json

Question

Support to fetch the JWKS from different location than /.well-known/jwks.json

Closed this issue 7 years ago · 1 comments

It is well-mentioned that jwksCache: the verifier will try to fetch the JWKS from the /.well-known/jwks.json endpoint each time it verifies a token. But this may not be always the case. This is the sitution for the company I am working on. Should such an assumption be so rigid? What about providing support for fetching the keys from other location? What about taking this param as a config param?

Answer 1 · 2018-03-15T14:31:10.000Z

ACcording to the spec, this is possible, but it's not on our radar as of now. Do you want to send a PR with that?