Support for Asymmetric JWT Algorithms (e.g., RS256)

thrasos.thrasyvoulou Public · Apr 23 2025

Currently, the APEX_JWT APIs only support the HS256 symmetric encryption algorithm for JWT claim signatures. This limits integration with many modern identity providers and enterprise systems that rely on asymmetric algorithms like RS256 for enhanced security and key management.

Request:
Please consider extending APEX_JWT to support asymmetric encryption algorithms (such as RS256) for JWT signing and verification. This would align APEX with industry standards for secure authentication and enable easier integration with services like Azure AD, Google, Auth0, etc.

This idea is open.

Comments

richard martens OP 3 months ago

ClickSense (an Oracle Anylitics competitor) is one of those external systems that also needs an RS256 encrypted token. An upvote from me.
andrea galizzi OP 2 weeks ago

Yes. For example, this is required in the OpenID Connect Core and Discovery specs.
robertchalton OP 2 weeks ago

Long overdue
oracledba OP 39 hours ago

Hi are there any plans to support RS256 ?

15 Voters

Support for Asymmetric JWT Algorithms (e.g., RS256)

Feature

Comments

Comments