[NXDOC-2060] Review JWT Token Request Doc Page - Nuxeo Issue Tracker

XML

Word

Printable

Details

Type: Task
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: None
Component/s: None

Tags:
- doc-presales-team
- nxplatform
Team:
PLATFORM

Description

Our documentation for the JWT authentication option is lacking / misleading. Please see the email to Ed regarding JWT access.
Page: https://doc.nuxeo.com/nxdoc/using-oauth2/#requesting-an-access-token-with-a-jwt

We are missing a couple steps:

Setting nuxeo.jwt.secret is not called out for JWT usage (except in the Java client page: https://doc.nuxeo.com/client-java/3.2/authentication/#jwt-authentication)
Required algorithm: HS512
Issuer is required: ... "iss":"nuxeo" ... is a hard-coded check
Timestamp is used for TTL

Attachments

Activity

People

Assignee:

Damon Brown

Reporter:

Manon Lumeau

Participants:

Damon Brown, Jenkins, Manon Lumeau

Reviewers:

Manon Lumeau

Votes:

0 Vote for this issue

Watchers:

4 Start watching this issue

Dates

Created:

2020-01-31 10:13

Updated:

2020-05-07 16:32

Resolved:

2020-05-07 16:18