This makes absolute sense to support in order to ensure library compat, thanks for bringing this up. We are working to finish this, I’ll update this when it’s complete.
An error occurred while saving the commentJeremy Huckeba commented
Adding CORS to the key server would be helpful to get OpenID Connect certified clients such as oidc-client-js (and redux-oidc) to work. It is a common scenario to decrypt the key on the client to obtain claims for display purposes and *ALSO* pass that key in cookies or the auth header to an API layer to be validated by the API.Jeremy Huckeba supported this idea ·