Reputation: 1241
Multiple jwks in IdentityServer
I'm not sure how IdentityServer produces jwks. When I run it I can only see one set of jwks. I see some of the example as like https://login.microsoftonline.com/common/discovery/v2.0/keys which it has multiple jwks. Inside this url, it seems that jwks refer to the tenant. Is that means I can have multiple jwks also if I integrate my IdentityServer with other OpenId providers like Google, Facebook?
Upvotes: 1
Views: 817
Answers (1)
Reputation: 4812
Identity Server 4 only uses one asymetric key pair to sign JWT's. To the best of my knowledge, there is no out of the box support to use key pair per tenant (unless ofcourse you host a separate instance per tenant).
Also worthwhile noting that you can technically have more than one key pair, but that is intended to support signing key rollover and not multitenancy.
Upvotes: 3
Related Questions
- Identity Server Confusion
- JWK management in openID Connect provider server
- Network calls /.well-known/openid-configuration/ and /.well-known/openid-configuration/jwks
- Concurrent login with identity server4
- Identity server multiple provider
- IdentityServer4 Multiple API access, single token
- Federated identity between multiple instances of IdSrv3
- identity server 4 using multiple external identity providers
- Multiple Api Resource
- Identity Server v2 Multiple Origin Login