zuul/releasenotes/notes/deprecate-RS256withJWKS-0303fd688958dff9.yaml
Matthieu Huin 8f243b0126 JWT drivers: Deprecate RS256withJWKS, introduce OpenIDConnect
Replace the RS256withJWKS driver with the simplified OpenIDConnect
driver. The new driver doesn't require the 'keys_url' parameter,
all needed parameters are fetched from the well-known config
endpoint inferred from the issuer_id.

Add a simple workflow test of the OpenIDConnect driver.

Change-Id: I4b0936a587918d6051a4206e20cad68577617e3d
2020-02-11 09:30:15 +00:00

8 lines
281 B
YAML

---
deprecations:
- |
Authentication: the JWT driver "RS256withJWKS" is deprecated in favor of the
"OpenIDConnect" driver. The "OpenIDConnect" driver simplifies configuration
for administrators and is better aligned with OIDC configuration discovery
conventions.