 |
Xentara v2.0.4
User Manual
|
|
Xentara v2.0.4
User Manual
|
Xentara supports JSON Web Key (JWK) Sets. Many authorization providers do not supply encryption keys, but JWK Sets, which allows for rotating the signing key.
A JWK Set is a JSON file that contains one or more public keys. This JSON file can generally be downloaded from the authorization provider, and must be copied to the host on which Xentara is running.
The location of the JWK set file for each OAuth 2.0 issuer must be configured in the Xentara OAuth 2.0 configuration file. The path can be absolute or relative. If is is absolute, then the specified path will be used as-is. If is is relative, then the JWK set file will be searched for at the locations described below.
If the JWK set path is a simple file name or a relative path under Linux, Xentara looks for the JWK set file in the following locations, in order:
You can specify additional search directories on the command line using the option --config-dir=<path>, where <path> is be the path to a directory to search. You can specify this option more than once to add multiple directories to the search path. The additional directories are searched in the order they appear on the command line, before the default directories listed above.
You can override the searched directories as described in the XDG Base Directory Specification.
If the JWK set path is a simple file name or a relative path under Windows, Xentara looks for the JWK set file in the following locations, in order:
You can specify additional search directories on the command line using the option -ConfigDir <path>, where <path> is be the path to a directory to search. You can specify this option more than once to add multiple directories to the search path. The additional directories are searched in the order they appear on the command line, before the default directories listed above.