Authenticate using OpenID Connect

You can authenticate incoming Quorum Key Manager (QKM) requests with the OAuth 2.0 standard using JSON Web Tokens (JWTs).

To use OAuth 2.0 authentication, user requests must present a JWT through the HTTP Authorization header with value Bearer <token>.

Refer to the OAuth 2.0 and OpenID Connect (OIDC) documentation for detailed information.

Command line options

You can set the following options at QKM runtime to configure OAuth 2.0 authentication.

--auth-oidc-issuer-url - URL of the OpenID Connect server.
--auth-oidc-audience - Expected audience in access tokens.

info

Starting Quorum Key Manager with OAuth 2.0 authentication

key-manager run --auth-oidc-issuer-url="https://quorum-key-manager.eu.auth0.com" --auth-oidc-audience=https://quorum-key-manager.consensys.net --manifest-path=/config/default.yml

Authenticate using OpenID Connect

Command line options​

Command line options