I’d like to use a JWKS endpoint that doesn’t specify them ( https://api.epicgames.dev/epic/oauth/v1/.well-known/jwks.json ). Attempting to resulted in an invalid jwks error, and I suspect the missing “use” and “alg” fields are why.
According to the JWK spec RFC 7515, the “use” and “alg” fields are optional.
Would it be possible to support this?
@smoothstacks Thanks for your question.
Your request has been forwarded to our team and we will get back with further updates once more information becomes available.
We currently operationalise Go’s standard library for JWTs which requires them in the JWKs.
There are two alternative to this:
This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.