Uses of Package
org.keycloak.broker.spiffe

Packages that use org.keycloak.broker.spiffe

Package	Description
org.keycloak.broker.spiffe

Classes in org.keycloak.broker.spiffe used by org.keycloak.broker.spiffe

Class	Description
SpiffeIdentityProvider	Implementation for https://datatracker.ietf.org/doc/draft-schwenkschuster-oauth-spiffe-client-auth/ Main differences for SPIFFE JWT SVIDs and regular client assertions: jwt-spiffe client assertion type iss claim is optional, uses SPIFFE IDs, which includes trust domain instead jti claim is optional, and SPIFFE vendors re-use/cache tokens sub is a SPIFFE ID with the syntax spiffe://trust-domain/workload-identity Keys are fetched from a SPIFFE bundle endpoint, where the JWKS has additional SPIFFE specific fields (spiffe_sequence and spiffe_refresh_hint, the JWK does not set the alg>
SpiffeIdentityProviderConfig