mirror of
https://github.com/keycloak/keycloak.git
synced 2026-01-25 16:42:34 +00:00
[OID4VCI] Conformance Test Fixes (#44439)
closes #44659 Signed-off-by: forkimenjeckayang <forkimenjeckayang@gmail.com>
This commit is contained in:
committed by
GitHub
parent
25cbc45002
commit
4dd68c0316
@@ -147,6 +147,8 @@ Create a JSON file (e.g., `realm-attributes.json`) with the following content:
|
||||
|
||||
The attributes section contains issuer-specific metadata:
|
||||
- **preAuthorizedCodeLifespanS** – Defines how long pre-authorized codes remain valid (in seconds).
|
||||
- **oid4vc.attestation.trusted_keys** – JSON array of trusted JWK (JSON Web Key) objects for attestation proof validation. Each JWK must include a `kid` (key ID) field. These keys take precedence over realm session keys when there are conflicts. Useful for configuring additional trusted keys beyond the realm's default keys. Format: JSON array of JWK objects, e.g., `[{"kid":"key1","kty":"EC",...},{"kid":"key2","kty":"RSA",...}]`.
|
||||
- **oid4vc.attestation.trusted_key_ids** – Comma-separated list of key IDs from the realm's key providers to use for attestation proof validation. Keys are looked up by their `kid` regardless of enabled status, allowing the use of disabled keys that are not exposed in well-known endpoints. This attribute takes the highest priority when merging trusted keys. Format: comma-separated list of key IDs, e.g., `key-id-1,key-id-2,key-id-3`.
|
||||
|
||||
==== Import Realm Attributes
|
||||
|
||||
|
||||
Reference in New Issue
Block a user