Red Hat Single Sign-On Public Key Visible when accessed via browser

Solution In Progress - Updated -

Issue

  • For testing we have copied this URL and changed the client id and client secret and made a request through the browser. Still it returns the public key. Even without any client id or client secret it shows the PUB key. Is this expected?

Environment

  • Red Hat Single Sign-On 7.2.0
  • Red Hat Single Sign-On as IDP in 3scale. 'OpenID Connect Issuer' field configured as so: https://{client_id}:{client_secret}@{rh-sso-domain}.com/auth/realms/{realm}.

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content