POP - Using JWT to prove possession of a key

Hi,

Does Okta have any implementation for cnf in a JWT? Are there some examples I can refer to? I would like to implement an equivalent of https://community.apigee.com/articles/71494/pop-using-jwt-to-prove-possession-of-a-key.html via Okta.

Hi @sandra2994

We do not have an out-of-the-box implementation for RFC 7800; however, this can be implemented using the Token Inline Hook feature, which gives you the possibility to add additional claims inside JWTs before they are issued by the authorization server.
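The receiving side of the `cnf` claim discussed in this thread, as an added example that is not code from any poster or from Okta: a resource server takes the public key from `cnf.jwk` (RFC 7800) and checks that the presenter can sign with the matching private key. RFC 7800 does not define how the proof is presented, so the nonce challenge/response, the function names and the sample claims are assumptions, and the JWT's own signature is assumed to have been verified already.

```javascript
// Added example (Node.js, standard library only); all names are hypothetical.
const crypto = require('node:crypto');

// Pull the confirmation key out of already-validated JWT claims.
function confirmationKey(claims) {
  const jwk = claims && claims.cnf && claims.cnf.jwk;
  if (!jwk || typeof jwk !== 'object') throw new Error('token has no cnf.jwk');
  // A confirmation key must be public: refuse a JWK that carries the private parameter.
  if ('d' in jwk) throw new Error('cnf.jwk contains private key material');
  return crypto.createPublicKey({ key: jwk, format: 'jwk' });
}

// True only if `proof` (base64url signature) over `challenge` verifies under the cnf key.
function provesPossession(claims, challenge, proof) {
  let key;
  try { key = confirmationKey(claims); } catch { return false; }
  return crypto.verify('sha256', Buffer.from(challenge), key,
                       Buffer.from(proof, 'base64url'));
}

// Constructed sample data: one key pair bound into the token, one unrelated key pair.
function demo() {
  const holder = crypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
  const bearerOnly = crypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
  const claims = {
    sub: 'user@example.com',
    cnf: { jwk: holder.publicKey.export({ format: 'jwk' }) },
  };
  const challenge = crypto.randomBytes(32).toString('base64url'); // server nonce
  const sign = (pair) =>
    crypto.sign('sha256', Buffer.from(challenge), pair.privateKey).toString('base64url');
  return {
    holder: provesPossession(claims, challenge, sign(holder)),        // key matches cnf
    wrongKey: provesPossession(claims, challenge, sign(bearerOnly)),  // token without the key
    replayed: provesPossession(claims, 'other-challenge', sign(holder)), // old proof, new nonce
    noCnf: provesPossession({ sub: 'user@example.com' }, challenge, sign(holder)),
  };
}
```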

Hi,

Isn't cnf a reserved keyword for claims in Okta? How do we configure it?

Hi @dragos, we have an inline hook and we have a public key included as part of cnf. When we call ensureAuthenticated() with cnf in the JWT, it doesn't authenticate the user with a valid token (isAuthenticated = false). But when we remove cnf from the JWT, it works just fine. Any help?

Is there a limit on how long the token should be? When I set cnf with a shorter value, it works.

@dragos We are also looking to implement POP tokens (RFC 7800) and would like to know what the latest is… does Okta have support for this?

Okta does not currently support RFC 7800 and it is not on our public roadmap at this time: The Okta Product Roadmap | Okta Help Center.

If you are interested in this feature, I recommend reaching out to your Okta Account Manager or, if you have one, Customer Success Manager, and creating an Okta Idea so that our Product team can gauge interest from our customers about supporting this RFC.