From 003680a9f77ad48367c9f83c9c69a2d1c4ab4231 Mon Sep 17 00:00:00 2001 From: Mark Phelps <209477+markphelps@users.noreply.github.com> Date: Wed, 10 Jan 2024 09:12:21 -0500 Subject: [PATCH] chore: address PR feedback --- authentication/methods.mdx | 2 +- authentication/overview.mdx | 2 +- configuration/authentication.mdx | 6 +++--- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/authentication/methods.mdx b/authentication/methods.mdx index 0c48ef9..723fa83 100644 --- a/authentication/methods.mdx +++ b/authentication/methods.mdx @@ -270,7 +270,7 @@ The expiration can be used to schedule when to next request a new client token. [JSON Web Tokens](https://jwt.io/) (JWT) are an open, industry standard RFC 7519 method for representing claims securely between two parties. Flipt supports the use of externally created and signed JWTs as a method of authentication. -JWT authentication is useful for scenarios where you want to integrate Flipt with an existing authentication system. +JWT authentication is useful for scenarios where you want to integrate Flipt with an existing authentication system, or where you want to perform service to Flipt authentication without the need to manage static client tokens. JWT authentication is **not** supported by the Flipt UI as it is not a session compatible authentication method. diff --git a/authentication/overview.mdx b/authentication/overview.mdx index 25854cd..353e13c 100644 --- a/authentication/overview.mdx +++ b/authentication/overview.mdx 
@@ -52,7 +52,7 @@ Once a `client token` has been acquired, it can be supplied via request metadata ## JSON Web Tokens -Flipt can also authenticate requests using externally created and signed [JSON Web Tokens](https://jwt.io/). This is useful for integrating with existing authentication systems with Flipt. +Flipt can also authenticate requests using externally created and signed [JSON Web Tokens](https://jwt.io/). This is useful for integrating existing authentication systems with Flipt. To enable JWT authentication, you will need to configure Flipt with the public key used to verify the JWT signature. diff --git a/configuration/authentication.mdx b/configuration/authentication.mdx index 016ebd9..2dd8166 100644 --- a/configuration/authentication.mdx +++ b/configuration/authentication.mdx @@ -340,9 +340,9 @@ Further explanation for using this method can be found in the [Authentication: K ### JSON Web Token -The `jwt` method provides the ability to authenticate with Flipt using an externally issued JSON Web Token. This method is useful for integrating with other authentication systems that can issue JWTs (e.g. [Auth0](https://auth0.com/docs/tokens/json-web-tokens)). +The `jwt` method provides the ability to authenticate with Flipt using an externally issued JSON Web Token. This method is useful for integrating with other authentication systems that can issue JWTs (e.g. [Auth0](https://auth0.com/docs/tokens/json-web-tokens)) or by generating your own signed JWTs on the fly. -Flipt supports asymmetrically signed JWTs using the following algorithm: +Flipt supports asymmetrically signed JWTs using the following algorithms: - RS256 - RS512 
@@ -350,7 +350,7 @@ Flipt supports asymmetrically signed JWTs using the following algorithm: - ES512 - EdDSA -This means that the JWT must be signed using an RSA private key and Flipt must be configured with the corresponding public key. +This means that the JWT must be signed using a private key leveraging one of these algorithms and Flipt must be configured with the corresponding public key. Flipt supports key verification using the following methods:
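Review bot: In authentication/methods.mdx (hunk at line 270), the added clause "perform service to Flipt authentication" is hard to parse without hyphens; "service-to-Flipt authentication" or "authenticate services to Flipt" reads more clearly. The same sentence says this avoids the need "to manage static client tokens", but the configuration/authentication.mdx part of this patch states the JWT must be signed with a private key, so the caller still has a long-lived secret to protect. Suggest saying so, for example "without managing static client tokens (the signing key must still be protected)".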
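Review bot: In authentication/overview.mdx (hunk at line 52), the reworded sentence still gives only one use case, "integrating existing authentication systems with Flipt", while the other two files in this patch now also mention service authentication and self-generated JWTs. Suggest adding the second use case here too, so the overview and the methods and configuration pages describe the feature the same way.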
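Review bot: In configuration/authentication.mdx (hunk at line 340), the added "or by generating your own signed JWTs on the fly" breaks the parallel structure of "This method is useful for integrating with ..."; "or for generating your own signed JWTs" would fix it. "On the fly" is also vague for security documentation. Consider stating what is meant, such as short-lived tokens signed by the calling service with its own private key.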
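Review bot: In configuration/authentication.mdx (hunk at line 350), "signed using a private key leveraging one of these algorithms" is ambiguous about the relationship between key and algorithm. The list above covers RSA (RS256, RS512), ECDSA (ES512) and EdDSA, so the key type has to match the algorithm chosen. Suggest something like "signed with a private key of the type required by one of these algorithms, and Flipt must be configured with the corresponding public key".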