[
https://issues.apache.org/jira/browse/NIFI-8408?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Vijay Jammi updated NIFI-8408:
------------------------------
Description:
Duplicate of NIFI-8406
was:
The current oidc client authentication methods (client_secret_post,
client_secret_basic) require client credentials (client_secret) to be stored as
plain text on the client's filesystem, which could also be inadvertently
checked into source control system.
Due to these and other security considerations, we should be able to use
assertions as client credentials for authenticating against the token endpoint.
Summary: [Duplicate] Oidc Identity Provider should support assertions
as client credentials for authenticating against the token endpoint (was: Oidc
Identity Provider should support assertions as client credentials for
authenticating against the token endpoint)
> [Duplicate] Oidc Identity Provider should support assertions as client
> credentials for authenticating against the token endpoint
> --------------------------------------------------------------------------------------------------------------------------------
>
> Key: NIFI-8408
> URL: https://issues.apache.org/jira/browse/NIFI-8408
> Project: Apache NiFi
> Issue Type: Improvement
> Components: Core Framework, Security
> Affects Versions: 1.11.4
> Reporter: Vijay Jammi
> Priority: Major
> Labels: OIDC, Security, assertion
>
> Duplicate of NIFI-8406
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
