Add external Idp with OIDC using private_key_jwk

jenny hougen 0 Reputation points
2025-01-03T12:50:00.0033333+00:00

I have set up an External identity with custom OIDC. I want to use private_key_jwk, but I cannot find the place to provide my private key.


As specified in the documentation:

Client ID and Client Secret are the identifiers your identity provider uses to identify the registered application service. Client secret needs to be provided if client_secret authentication is selected. If private_key_jwt is selected, private key needs to be provided.

https://learn.microsoft.com/en-us/entra/external-id/customers/how-to-custom-oidc-federation-customers

Microsoft Entra External ID
A modern identity solution for securing access to customer, citizen and partner-facing apps and services. It is the converged platform of Azure AD External Identities B2B and B2C. Replaces Azure Active Directory External Identities.

1 answer

  1. Bora Ozbayburtlu 10 Reputation points Microsoft Employee
    2025-01-10T12:44:27.2966667+00:00

    Thank you for the feedback, Jenny. For private_key_jwt implementation, you'll need to use the jwk endpoint which is expected to be predefined in the well-known endpoint. This structure is used for rolling keys automatically using the jwk endpoint. However, we also have alternative plans to support key pairs for private_key_jwt.

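The answer above ties private_key_jwt to a JWK endpoint listed in a well-known (discovery) document so that keys can roll automatically. The following is an added example, not part of the answer or of Microsoft's documentation: it checks a discovery document and the key set it points to for the things that setup depends on. The field names come from OpenID Connect Discovery and RFC 7517/7518; the sample documents are constructed, and the thread does not say which party hosts the endpoint, so the check is written for any discovery document and JWKS pair.

```python
# Constructed sample data: not taken from any real tenant or identity provider.
DISCOVERY = {
    "issuer": "https://idp.example.test",
    "token_endpoint": "https://idp.example.test/token",
    "jwks_uri": "https://idp.example.test/keys",
    "token_endpoint_auth_methods_supported": ["client_secret_post", "private_key_jwt"],
}
JWKS = {"keys": [
    {"kty": "RSA", "kid": "key-old", "use": "sig", "n": "constructed-modulus-1", "e": "AQAB"},
    {"kty": "RSA", "kid": "key-new", "use": "sig", "n": "constructed-modulus-2", "e": "AQAB"},
]}

# Private or symmetric key parameters (RFC 7518) that must never be published.
PRIVATE_MEMBERS = {"d", "p", "q", "dp", "dq", "qi", "oth", "k"}


def check_discovery(doc):
    """Return problems that would stop private_key_jwt from working with this metadata."""
    problems = []
    # If the list is absent, OIDC Discovery defaults it to client_secret_basic only.
    if "private_key_jwt" not in doc.get("token_endpoint_auth_methods_supported", []):
        problems.append("private_key_jwt is not advertised")
    if not str(doc.get("jwks_uri", "")).startswith("https://"):
        problems.append("jwks_uri is missing or not https")
    return problems


def check_jwks(jwks):
    """Return problems in a published key set: leaked private parts, unusable kids."""
    keys = jwks.get("keys", [])
    problems = [] if keys else ["key set is empty"]
    seen = set()
    for index, key in enumerate(keys):
        kid = key.get("kid")
        if not kid:
            problems.append(f"key {index}: no kid to select it by during key rollover")
        elif kid in seen:
            problems.append(f"key {index}: duplicate kid {kid!r}")
        seen.add(kid)
        leaked = sorted(PRIVATE_MEMBERS & key.keys())
        if leaked:
            problems.append(f"key {index}: private parameters published: {leaked}")
        if key.get("use", "sig") != "sig":
            problems.append(f"key {index}: use is not 'sig'")
    return problems


if __name__ == "__main__":
    print(check_discovery(DISCOVERY), check_jwks(JWKS))
```

Publishing two keys with distinct `kid` values, as in the constructed key set, is what lets a verifier keep accepting assertions signed with the old key while the new one is introduced.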
