Question

Does Thinktecture.IdentityServer support encrypting the JWT tokens it issues, for example to protect the token from being used in a replay attack?

If yes, how can a client decrypt the encrypted token?

I have tried enabling "Require Token Encryption" in the IdentityServer General Configuration; however, after doing so, when I try to log in I get a "No encryption key available" message at the identity server web page.

Is there a problem or am I missing a required setting?


Solution

Encryption is for confidentiality, not for preventing replay attacks.

The Microsoft JWT library does not support encryption. And we rely on that library.
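
The distinction drawn in the answer, as an added example (not part of the original answer and not IdentityServer code): a validator that checks only signature and expiry accepts the same token twice, and encrypting the token would not change that because the replayed copy is byte-identical. Rejecting it takes a short lifetime (`exp`) plus a record of already-seen `jti` values (RFC 7519). The key, `issue` and `Validator` are hypothetical names; the token is HS256-signed using only Python's standard library.

```python
import base64, hashlib, hmac, json, time, uuid

KEY = b"constructed-demo-key"  # constructed sample key, assumption for the demo

def _b64(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _unb64(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def _sign(signing_input):
    return hmac.new(KEY, signing_input.encode(), hashlib.sha256).digest()

def issue(sub, ttl=60, now=None):
    """Mint an HS256-signed JWT carrying exp and a unique jti (RFC 7519)."""
    now = time.time() if now is None else now
    header = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    claims = {"sub": sub, "exp": int(now) + ttl, "jti": uuid.uuid4().hex}
    body = _b64(json.dumps(claims).encode())
    return f"{header}.{body}.{_b64(_sign(f'{header}.{body}'))}"

class Validator:
    """Hypothetical relying party; track_jti toggles the replay check."""

    def __init__(self, track_jti):
        self.track_jti = track_jti
        self.seen = {}  # jti -> exp of tokens already accepted

    def accept(self, token, now=None):
        now = time.time() if now is None else now
        try:
            header, body, sig = token.split(".")
            if not hmac.compare_digest(_sign(f"{header}.{body}"), _unb64(sig)):
                return False  # forged or modified token
            if json.loads(_unb64(header)).get("alg") != "HS256":
                return False
            claims = json.loads(_unb64(body))
            exp, jti = claims["exp"], claims["jti"]
        except (ValueError, KeyError, TypeError, AttributeError):
            return False
        if not isinstance(exp, (int, float)) or not isinstance(jti, str) or now >= exp:
            return False  # malformed or expired
        if self.track_jti:
            # Entries only need to live until the token expires anyway.
            self.seen = {j: e for j, e in self.seen.items() if e > now}
            if jti in self.seen:
                return False  # same token presented twice: replay
            self.seen[jti] = exp
        return True
```

The `seen` table only has to hold entries for as long as the tokens are valid, so a short `ttl` keeps it small.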

License: CC-BY-SA with attribution
Not affiliated with StackOverflow