Support for OAuth 2 Client Assertions / JWKs
Feature Request
I’ve not seen any API client handle client assertions in a nice way yet. It’s an alternative to the client credentials flow, where instead of sending client_id and client_secret you send client_id and client_assertion. The assertion is basically a signed JWT.
It would be a really awesome standout feature if that was part of the authentication options for OAuth instead of having to do some workaround via scripting/request chaining.
I’d be willing to contribute myself, but your repository mentions “Yaak is open source but only accepting contributions for bug fixes”
More info about it can be found here
An example in Postman can be found here
Details are also in RFC 7523
Happy to accept a contribution for this! The “bugs only” callout is mainly for feature PRs, but improvements like this are welcome :)