Skip to content

Commit f091fd2

Browse files
mevdscheemevdschee
committed
Add support for multiple keys as proposed in #544 
1 parent 2c62e6e commit f091fd2

File tree

1 file changed

+4
-4
lines changed

1 file changed

+4
-4
lines changed

README.md

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -616,7 +616,7 @@ You can tune the middleware behavior using middleware specific configuration par
616616
- "jwtAuth.header": Name of the header containing the JWT token ("X-Authorization")
617617
- "jwtAuth.leeway": The acceptable number of seconds of clock skew ("5")
618618
- "jwtAuth.ttl": The number of seconds the token is valid ("30")
619-
- "jwtAuth.secret": The shared secret used to sign the JWT token with ("")
619+
- "jwtAuth.secrets": The shared secret(s) used to sign the JWT token with ("")
620620
- "jwtAuth.algorithms": The algorithms that are allowed, empty means 'all' ("")
621621
- "jwtAuth.audiences": The audiences that are allowed, empty means 'all' ("")
622622
- "jwtAuth.issuers": The issuers that are allowed, empty means 'all' ("")
@@ -731,7 +731,7 @@ Once logged in, you have to create an application (its type does not matter). Co
731731
and `Client ID` and keep them for a later use. Then, create an API: give it a name and fill the
732732
`identifier` field with your API endpoint's URL.
733733

734-
Then you have to configure the `jwtAuth.secret` configuration in your `api.php` file.
734+
Then you have to configure the `jwtAuth.secrets` configuration in your `api.php` file.
735735
Don't fill it with the `secret` you will find in your Auth0 application settings but with **a
736736
public certificate**. To find it, go to the settings of your application, then in "Extra settings".
737737
You will now find a "Certificates" tab where you will find your Public Key in the Signing
@@ -755,11 +755,11 @@ You can also change the `url` variable, used to test the API with authentication
755755
First you need to create a Firebase project on the [Firebase console](https://console.firebase.google.com/).
756756
Add a web application to this project and grab the code snippet for later use.
757757

758-
Then you have to configure the `jwtAuth.secret` configuration in your `api.php` file.
758+
Then you have to configure the `jwtAuth.secrets` configuration in your `api.php` file.
759759
Grab the public key via this [URL](https://www.googleapis.com/robot/v1/metadata/x509/[email protected]).
760760
There may be several certificates, just grab the one corresponding to your `kid` (if you don't
761761
know what it is, just test them all until you will be logged in).
762-
Now, just fill `jwtAuth.secret` with your public key.F
762+
Now, just fill `jwtAuth.secrets` with your public key.
763763

764764
To test your integration, you can copy the [firebase/vanilla.html](examples/clients/firebase/vanilla.html)
765765
file and the [firebase/vanilla-success.html](examples/clients/firebase/vanilla-success.html) file,

0 commit comments

Comments
 (0)