Github user jeanouii commented on a diff in the pull request:
https://github.com/apache/tomee/pull/342#discussion_r244751383
--- Diff: examples/mp-rest-jwt-jwk/README.adoc ---
@@ -0,0 +1,76 @@
+= MicroProfile JWT JWKs
+:index-group: MicroProfile
+:jbake-type: page
+:jbake-status: published
+
+This is an example on how to use MicroProfile JWT in TomEE by using the
+public key as JWKs.
+
+== Run the application:
+
+[source, bash]
+----
+mvn clean install tomee:run
+----
+
+This example is a CRUD application for products available.
+
+== Requirments and configuration
+
+For usage of MicroProfile JWT we have to change the following to our
+project:
+
+[arabic]
+. Add the dependency to our `pom.xml` file:
++
+....
+<dependency>
+ <groupId>org.eclipse.microprofile.jwt</groupId>
+ <artifactId>microprofile-jwt-auth-api</artifactId>
+ <version>${mp-jwt.version}</version>
+ <scope>provided</scope>
+</dependency>
+....
+. Annotate our `Application.class` with `@LoginConfig(authMethod =
"MP-JWT")`
+
+. Provide public and private key for authentication. And specify the
location of the public key and the issuer in our
--- End diff --
What's actually required is the public key because MicroProfile JWT targets
the validation side (consuming a JWT). The private key would be useful on the
producer side of things such as an identity provider, or an API Gateway.
---
