Hi Andrea, all
> I simply put in a file /etc/dovecot/keys/webmail/RS256/<key id> the
> value of the public key found on the keycloak console.
> 
> Which is the correct format of that file?

It's JSON. I had the same question initially, had to check the code.

I obtain that file from
https://${keycloak}/auth/realms/${realm}/protocol/openid-connect/certs
(jwks_uri link in
https://${keycloak}/auth/realms/${realm}/.well-known/openid-configuration)

It looks something like: `{"kid": "...", "kty": "RSA", "alg": "RS256",
"use": "sig", "n": ... "e": "AQAB", "x5c": ["....."], "x5t": "...",
"x5t#S256": "..."}`

I see from the documentation that 2.3.16 will support auto discovery:
https://doc.dovecot.org/configuration_manual/authentication/oauth2/#openid-discovery

Cheers,
Vincent
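
Added example, not part of the message above and not Dovecot or Keycloak code: a `jwks_uri` endpoint serves a JWK Set (`{"keys": [...]}`, RFC 7517), so this sketch splits such a document into one JSON file per signing key under `<base_dir>/<client>/<alg>/<kid>`, the layout used in the quoted path. The function name `split_jwks` is hypothetical and the sample keys are constructed placeholders; `kid` and `alg` are validated before being used as path components.

```python
import json
import os
import re

# Constructed sample of a JWK Set as served by a jwks_uri (placeholder values).
SAMPLE_JWKS = json.dumps({"keys": [
    {"kid": "sig-key-1", "kty": "RSA", "alg": "RS256", "use": "sig",
     "n": "placeholder-modulus", "e": "AQAB"},
    {"kid": "enc-key-1", "kty": "RSA", "alg": "RSA-OAEP", "use": "enc",
     "n": "placeholder-modulus", "e": "AQAB"},
    {"kid": "../../escape", "kty": "RSA", "alg": "RS256", "use": "sig",
     "n": "placeholder-modulus", "e": "AQAB"},
]})

# Path components must not start with a dot or contain a separator.
SAFE_NAME = re.compile(r"[A-Za-z0-9_-][A-Za-z0-9._-]*")


def split_jwks(jwks_text, base_dir, client):
    """Write each signing key to <base_dir>/<client>/<alg>/<kid>; return paths."""
    written = []
    for jwk in json.loads(jwks_text).get("keys", []):
        kid, alg = jwk.get("kid", ""), jwk.get("alg", "")
        # "use" is optional in a JWK; keys marked "enc" do not verify signatures.
        if jwk.get("use", "sig") != "sig":
            continue
        parts = (client, alg, kid)
        if not all(isinstance(p, str) and SAFE_NAME.fullmatch(p) for p in parts):
            continue  # refuse names such as "../x" that would leave base_dir
        key_dir = os.path.join(base_dir, client, alg)
        os.makedirs(key_dir, exist_ok=True)
        path = os.path.join(key_dir, kid)
        with open(path, "w", encoding="utf-8") as fh:
            json.dump(jwk, fh)  # one JSON object per file
        written.append(path)
    return written


if __name__ == "__main__":
    import tempfile
    with tempfile.TemporaryDirectory() as tmp:
        for p in split_jwks(SAMPLE_JWKS, tmp, "webmail"):
            print(os.path.relpath(p, tmp))
```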
