1 réponse
- Le plus récent
- Le plus de votes
- La plupart des commentaires
0
I have not tried it myself, but if it is an OIDC compliant token, you should be able to verify it through the official verification process, getting the jwks url in the iss field of the token
Here is how to do it:
- From the token get the iss value
- Issue a GET on the URI built from iss+/.well-know/openid-configuration https://cognito-identity.amazonaws.com/.well-known/openid-configuration
- From the JSON returned, get the jwks_uri field
- Issue a GET to the URI from the jwks_uri field to get the jwks https://cognito-identity.amazonaws.com/.well-known/jwks_uri
- Use the kid from the id token to select the right entry in the jwks to verify the signature
Contenus pertinents
- demandé il y a un an
- demandé il y a 8 mois
- demandé il y a un an
- demandé il y a 3 mois
- AWS OFFICIELA mis à jour il y a un an
- AWS OFFICIELA mis à jour il y a un an
- AWS OFFICIELA mis à jour il y a un an
- AWS OFFICIELA mis à jour il y a 2 ans