Verify JWT token

[4edawen]

Hi OpenIDC contributor and community,

I have setup my apache server as a reverse proxy. In this context, I want to use mod_auth_openidc, to verify the signature of the jwt that a client sent to me.

Example :

• client sent this curl :

curl https://www.mydomain.com/endpoint -H "Authorization Bearer XXXX"

• the apache look up the jwt, and check the signature, given a cert or public key, thanks to mod_auth_openidc
• the request is transferred to the backend.

So my question is : is this behavior allowed by mod_auth_openidc ? is there a way to find a minimal configuration to make this possible ?

Thank you for your time 🙏

[4edawen]

The question is not relevant.