-
Notifications
You must be signed in to change notification settings - Fork 4.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Filter identity token keys #12780
Filter identity token keys #12780
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good! Had an idea for an alternative approach. Let me know your thoughts.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I agree with Austin's suggested optimization, but looks good to me otherwise!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
One comment on changelog. Otherwise, LGTM 👍
Description
Filter the keys published at the /keys endpoint for identity tokens in use by roles. Right now, if keys are created for the OIDC provider, they’ll be published at /keys for identity tokens even if they’re not used by that system.
Manual Testing
Test script
Output