Hi, The application credentials documentation says Client Secret authentication is the default in Auth0. This warning is highlighted “To improve your security posture, we recommend using the Private Key JWT authentication method.”
The authorization code flow documentation says “Auth0’s SDK sends authorization code, application’s client ID, and application’s credentials, such as client secret or Private Key JWT, to Auth0 Authorization Server”. Is the private key JWT supported in the ruby SDK?
The example applications in the Ruby on Rails documentation use Client Secret. Does the omniauth-auth0 support private key JWT? Setup for the provider takes the client secret. I am overlooking something.