Hi all, I wanted to understand if there’s a way that I can configure an application (that is currently responsible for signing JWT for access_token, refresh_token) to be the trusted issuer in ForgeRock.
There’s an application that is responsible for signing JWT and I just wanted to understand how I can make forgerock trust that issuer
Hi pvatasa,
To configure your application as a trusted issuer, please refer to the JWT profile for authorization documentation. This guide provides instructions for adding a Trusted JWT Issuer Agent in AM.
You will need to configure AM to trust the issuer by setting up a trusted JWT issuer profile. Ensuring that AM has access to the public keys of the application that signs the JWTs, as these keys will be used by AM to verify the signatures.
I hope this helps!
Thank you
Sheila