You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
-`secret {string}` The related secret of the Keycloak client/application.<br/>
130
-
Defining this option enables the traditional method described in the OAuth2 specification.<br/>
130
+
Defining this option enables the traditional method described in the OAuth2 specification. To perform an almost offline validation enable the cache — a simple offline verfication with symmetric keys is not provided for security reasons.<br/>
131
131
Optional. Example: `1234-bar-4321-foo`<br/>
132
132
133
133
-`publicKey {string}` The related public key of the Keycloak client/application.<br/>
134
134
Defining this option enables the offline validation using signed JWTs. The public key has to be in [PEM][pem] or [JWK][jwk] format. If you define neither `secret` nor `public` key, the plugin assumes that a signed JWT has to be validated – it retrieves the public key itself from `{realmUrl}/protocol/openid-connect/certs`. The offline strategy its performance is higher but the online strategy is the most flexible one.<br/>
135
135
Optional.
136
136
137
-
-`minTimeBetweenJwksRequests {number}` – The minimum time between JWK requests in seconds.<br/>
137
+
-`minTimeBetweenJwksRequests {number}` – The minimum time between JWKS requests in seconds.<br/>
0 commit comments