JWT Profile for OAuth 2.0 Client Authentication and Authorization Grants
junying1 opened this issue · comments
Is your feature request related to a problem? Please describe.
There is no support for using JWT as a client_assertion for getting an access token.
Describe the solution you'd like
Currently the client library allows for client secret based authentication. I would like to support JWT, according to RFC7523: https://tools.ietf.org/html/rfc7523.
In particular, this is used for server to server authentication with many EMR (Electronic Medical Record) systems.
I have an implementation ready for a PR, implemented as a HttpExecuteInterceptor, as done in ClientParametersAuthentication
Describe alternatives you've considered
I could implement this using raw HTTP client such as OKHttp. In fact, I have an working implementation.
Additional context