Signed and encrypted JWT with LetsEncrypt certificate. Is it possible?
Hello, I am experimenting with a self-hosted Zitadel+PostgreSQL, so this might be a noob question. What I am trying to achieve is to develop custom login UIs for stateless apps, in Svelte and Flutter (SSO is a requirement), which, after login and password authentication, get a JWT, both signed and encrypted using my own LetsEncrypt certificate.
1) Is it possible to configure the certificate in Zitadel using an API call (GPT-4 says that the endpoint is https://<YOUR_ZITADEL_DOMAIN>/management/v1/projects/<PROJECT_ID>/keys but I can't find it in the docs and I get a 404)
2) Is it possible to configure Zitadel to return as a product of the auth flow the signed and encrypted JWT?
Thanks.
4 Replies
Hey, interesting question.
ATM 1) is not possible and I think GPT was hallucinating 😁
For 2) we only support signed, not encrypted.
😵
I guess it's failing a lot with Zitadel. Are there plans to do both things?
I have implemented JWT encryption in my own app, with letsencrypt keys. Would you consider a contribution? I am sure my code is fairly incompatible with Zitadel, but I could take a look.
No concrete plans yet. But you could create a feature request on GitHub for encrypted JWT or even a PR.
Ok, I'll give it a try.