Versions Compared

Old Version 1

changes.mady.by.user Gabriel BERLICKI

Saved on

compared with

New Version 2

changes.mady.by.user Gabriel BERLICKI

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents
maxLevel35
typeflat

The private_key_jwt authentication is based on asymmetric key, the private part is generated and only known by the client whereas the public part is communicated and registered in the authorization server for the specific client.

...

ES256 signing algorithm + above attributes + signature of them must be served in JWT format (rfc7519), see below:

JWT client assertion header

{
  "alg": "ES256",
  "typ": "JWT"
}


JWT client assertion payload

{
  "iss": "das-api-auth",
  "sub": "das-api-auth",
  "aud": "https://logindev.wipo.int:443/am/oauth2/access_token",
  "exp": 1622450728
}


JWT client assertion signature

# Signature of the header and payload sections. # it is an array of bytes encoded in base 64

All parts are encoded and separated by '.' to make up the JWT as follows


private_key_jwt assertion

eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJkYXMtYXBpLWF1dGgiLCJzdWIiOiJkYXMtYXBpLWF1dGgiLCJhdWQiOiJodHRwczovL2xvZ2luZGV2LndpcG8uaW50OjQ0My9hbS9vYXV0aDIvYWNjZXNzX3Rva2VuIiwiZXhwIjoxNjIyNDUwNzI4fQ.BLA6k2kKKFVm6AG-DPDpRU_5JDFGRF1dHjKul7saWCv5OxXGg4EY-J9e1p8Dg0ngD2dZ2grkJ2su7jaHy67YEw

...