FusionAuth
    • Home
    • Categories
    • Recent
    • Popular
    • Pricing
    • Contact us
    • Docs
    • Login

    OIDC Certificate vs. Secret

    Scheduled Pinned Locked Moved Unsolved
    General Discussion
    2
    2
    134
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      tschlegel
      last edited by

      We're implementing OIDC SSO auth with Microsoft Entra for a client, and we'd like to be able to use a certificate rather than a secret when configure the identity provider in FusionAuth. It looks to me like the only option is to use a secret, and there's no obvious or documented way to use a certificate in place of a secret. Is this the case? If so it's unfortunate since there's an required expiration for Entra secrets (we're trying to avoid this).

      Can you confirm my suspicion here?

      danD 1 Reply Last reply Reply Quote 0
      • danD
        dan @tschlegel
        last edited by

        @tschlegel

        Yes, there's currently no support for using a certificate.

        Here's an open tracking issue: https://github.com/FusionAuth/fusionauth-issues/issues/3083

        Please comment and/or upvote this with any other details that would help the product team prioritize this.

        --
        FusionAuth - Identity Without Constraints
        https://fusionauth.io

        1 Reply Last reply Reply Quote 0
        • First post
          Last post