Vijay Jammi created NIFI-8406:
---------------------------------
Summary: Oidc Identity Provider should support assertions as
client credentials for authenticating against the token endpoint
Key: NIFI-8406
URL: https://issues.apache.org/jira/browse/NIFI-8406
Project: Apache NiFi
Issue Type: Improvement
Components: Core Framework, Security
Affects Versions: 1.11.4
Reporter: Vijay Jammi
The current oidc client authentication methods (client_secret_post,
client_secret_basic) require client credentials (client_secret) to be stored as
plain text on the client's filesystem, which could also be inadvertently
checked into source control system.
Due to these and other security considerations, we should be able to use
assertions as client credentials for authenticating against the token endpoint.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
