WORKERS AHEAD!

You are viewing the development documentation for the Apereo CAS server. The functionality presented here is not officially released yet. This is a work in progress and will be continually updated as development moves forward. You are most encouraged to test the changes presented.

OpenID Connect Authentication JWKS Storage - Custom

It is possible to design and inject your own keystore generation strategy into CAS using the following @Bean that would be registered in a @AutoConfiguration class:

@Bean(initMethod = "generate")
public OidcJsonWebKeystoreGeneratorService oidcJsonWebKeystoreGeneratorService() {
    return new MyJsonWebKeystoreGeneratorService(...);
}

Your configuration class needs to be registered with CAS. See this guide for better details.