How can I set the signature algorithm when creating client with the Management API?

I am using the ManagementClient to create an SPA client. When creating the client using the createClient function, how can I set its JsonWebToken Signature Algorithm?

Hey there @groffcole!

Not sure if it’s doable with the Management API to be honest. Here are all the endpoints:

Oh, no! That would be a bummer. The SPA quickstart guide has you create an SPA application, which is defaulted to the RS256 algorithm. Why would creating one with the Management API not provide that ability?

I checked this endpoint:

from our Management API which is for creating clients and the signing_keys variable is in response schema but not the body which is my initial reasoning why potentially it’s not doable to pick the signing algorithm via the API

Shoot, this is a bummer. Any other ideas?

This is frustrating because without the ability to set the signing algorithm there is no way to automate the creation of the resources necessary for using the auth0-spa-js library to manage users with a React application.

Yep totally understand that! Let me dig some deeper to see if we can do something about it!

So it seems like it might be not documented properly but it should be doable when you add this:

"jwt_configuration": {
    "alg": "HS256",
  }

when hitting this Management API endpoint

Oh! I’ll have to try this today. Thank you! That’s pretty exciting. I appreciate you looking into this.

1 Like

No worries! Try this and let me know if that worked!

It worked!

I also had to include the lifetime_in_seconds property:

      jwt_configuration: {
        alg: "RS256",
        lifetime_in_seconds: 36000
      }
1 Like

Perfect! Now we have it! :slight_smile:

1 Like