You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Defining this option enables the traditional method described in the OAuth2 specification and performs an [introspect][introspect] request.<br/>
121
121
Optional. Example: `1234-bar-4321-foo`<br/>
122
122
123
-
-`publicKey {string}` – The realm its public key related to the private key used to sign the token.<br/>
124
-
Defining this option enables the offline and non-live validation. The public key has to be in [PEM][pem] format.<br/>
123
+
-`publicKey {string|Buffer|Object}` – The realm its public key related to the private key used to sign the token.<br/>
124
+
Defining this option enables the offline and non-live validation. The public key has to be in [PEM][pem](`{string|Buffer}`) or [JWK][jwk] (`{Object}`) format. Algorithm has to be `RSA-SHA256` compatible.<br/>
125
125
Optional.
126
126
127
127
-`entitlement {boolean=true}` – The token should be validated with the entitlement API to enable fine-grained authorization. Enabling this option decelerates the process marginally. Mind that `false` is an invalid value.<br/>
0 commit comments