From 4118637469f331912b603712d055a5c66ac3b5a3 Mon Sep 17 00:00:00 2001
From: Gabor Javorszky <g.javorszky@f5.com>
Date: Tue, 8 Jul 2025 14:00:02 +0100
Subject: [PATCH] Add sni related config options to jwt policy

---
 content/nic/configuration/policy-resource.md | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/content/nic/configuration/policy-resource.md b/content/nic/configuration/policy-resource.md
index 6b4fd7cde..2e80afc02 100644
--- a/content/nic/configuration/policy-resource.md
+++ b/content/nic/configuration/policy-resource.md
@@ -419,12 +419,14 @@ This feature is implemented using the NGINX Plus directive [auth_jwt_key_request
 {{< /note >}}
 
 {{% table %}}
-|Field | Description | Type | Required |
-| ---| ---| ---| --- |
-|``jwksURI`` | The remote URI where the request will be sent to retrieve JSON Web Key set| ``string`` | Yes |
-|``keyCache`` | Enables in-memory caching of JWKS (JSON Web Key Sets) that are obtained from the ``jwksURI`` and sets a valid time for expiration. | ``string`` | Yes |
-|``realm`` | The realm of the JWT. | ``string`` | Yes |
-|``token`` | The token specifies a variable that contains the JSON Web Token. By default the JWT is passed in the ``Authorization`` header as a Bearer Token. JWT may be also passed as a cookie or a part of a query string, for example: ``$cookie_auth_token``. Accepted variables are ``$http_``, ``$arg_``, ``$cookie_``. | ``string`` | No |
+|Field | Description | Type | Required | Default |
+| ---| ---| ---| --- | --- |
+|``jwksURI`` | The remote URI where the request will be sent to retrieve JSON Web Key set| ``string`` | Yes | -- |
+|``keyCache`` | Enables in-memory caching of JWKS (JSON Web Key Sets) that are obtained from the ``jwksURI`` and sets a valid time for expiration. | ``string`` | Yes | -- |
+|``realm`` | The realm of the JWT. | ``string`` | Yes | -- |
+|``token`` | The token specifies a variable that contains the JSON Web Token. By default the JWT is passed in the ``Authorization`` header as a Bearer Token. JWT may be also passed as a cookie or a part of a query string, for example: ``$cookie_auth_token``. Accepted variables are ``$http_``, ``$arg_``, ``$cookie_``. | ``string`` | No | -- |
+|``sniEnabled`` | Enables SNI (Server Name Indication) for the JWT policy. This is useful when the remote server requires SNI to serve the correct certificate. | ``bool`` | No | `false` |
+|``sniName`` | The SNI name to use when connecting to the remote server. If not set, the hostname from the ``jwksURI`` will be used. | ``string`` | No | -- |
 {{% /table %}}
 
 {{< note >}}