How to get the CEK to decrypt the ID Token? #9990
-
|
Hello, I was able to encrypt my id token with Keycloak, but now I am trying to understand how to decrypt it? Following the documentation of Signed and Encrypted ID Token Support it says that Keycloak and a client must negotiate which CEK is used and how it is delivered but how can I negotiate with it? And where can I get the CEK? |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment
-
|
@lrodriguez14 Hello, current Keycloak only supports Key Encryption for negotiating which CEK is used. How it works is as follows.
How a client app tells its public key used for encrypting CEK to Keycloak is described in Server Administration Guide. |
Beta Was this translation helpful? Give feedback.
@lrodriguez14 Hello, current Keycloak only supports Key Encryption for negotiating which CEK is used. How it works is as follows.