envoyproxy/envoy
View on GitHubjwt authn filter: re-retrieve the keys when it sees an unfamiliar kid value.
Open
#39,643 opened on May 27, 2025
area/jwt_authnenhancementhelp wantedno stalebot
Repository metrics
- Stars
- (27,997 stars)
- PR merge metrics
- (Avg merge 8d) (378 merged PRs in 30d)
Description
Title: One line description
Description: The jwt authn filter should try to re-fetch the keys if it encounters an unknown key. This allows the jwt authn filter work with a provider that rotates keys (for example, Zitadel).
[optional Relevant Links:] https://github.com/envoyproxy/gateway/issues/4180