Hi, my current version of CAS is 6.6.0.
I'm using JWT with CAS and I set these configs: cas.authn.token.crypto.enabled=true cas.authn.token.crypto.encryptionEnabled=true cas.authn.token.crypto.signingEnabled=true cas.authn.token.crypto.alg=A256CBC-HS512 cas.authn.token.crypto.signing.key=*** cas.authn.token.crypto.signing.keySize=512 cas.authn.token.crypto.encryption.key=*** cas.authn.token.crypto.encryption.keySize=512 When I do login ona a specific service, CAS generates a valid JWT, but in the header it puts a random "kid" each time: { "alg": "HS512", "typ": "JWT", *"kid": "56179e82-c6cb-4661-a181-aa2a6fb8b3c7"* } So I can't validate this JWT with a jwk url, because the "kid" change each time. Is there a way to generate a static "kid"? I'm missing some configurations? With CAS 6.5.2 the "kid" isn't generate at all with the same configuration. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/4ad64655-9fcd-4818-95af-4befa1d692f3n%40apereo.org.