Document RPC authentication JWT algorithm option (#1509)

* Document RPC authentication JWT algorithm option

Signed-off-by: Jorge F Pastor <jorgefpastor@gmail.com>

* edit and remove changes to versioned docs

Signed-off-by: Alexandra Tran <alexandra.tran@consensys.net>

---------

Signed-off-by: Jorge F Pastor <jorgefpastor@gmail.com>
Signed-off-by: Alexandra Tran <alexandra.tran@consensys.net>
Co-authored-by: Alexandra Tran <alexandra.tran@consensys.net>
Co-authored-by: Alexandra Tran Carrillo <12214231+alexandratran@users.noreply.github.com>

docs/public-networks/how-to/use-besu-api/authenticate.md

@@ -160,10 +160,15 @@ The private and accompanying public key files must be in `.pem` format.
 
 The [key algorithm](https://datatracker.ietf.org/doc/html/rfc7518#section-3.1) can be:
 
-- RSA with private key length of at least 2048 bits using algorithm `RS256`, `RS384` or `RS512`.
-- ECDSA private key, using `ES256` (`secp256r1` or `secp256k1`), `ES384` or `ES512`.
+- RSA with private key length of at least 2048 bits using algorithm `RS256`, `RS384`, or `RS512`.
+- ECDSA private key, using `ES256` (`secp256r1` or `secp256k1`), `ES384`, or `ES512`.
 
-Besu default is `RS256`.
+The default value for Besu is `RS256`.
+When you use a different key algorithm, you must specify the
+[`--rcp-http-authentication-jwt-algorithm`](../../reference/cli/options#rpc-http-authentication-jwt-algorithm)
+option and/or the
+[`--rcp-ws-authentication-jwt-algorithm`](../../reference/cli/options#rpc-ws-authentication-jwt-algorithm)
+option depending on your needs.
 
 <Tabs>
 <TabItem value="RS256 RSA Keys" label="RS256 RSA Keys" default>
@@ -179,10 +184,10 @@ Besu default is `RS256`.
  ```bash
  openssl rsa -pubout -in privateRSAKey.pem -pubout -out publicRSAKey.pem
  ```
- 
+
 </TabItem>
 
-<TabItem value="ES256 secp256r1 ECDSA Keys" label="`ES256 secp256r1 ECDSA Keys">
+<TabItem value="ES256 secp256r1 ECDSA Keys" label="ES256 secp256r1 ECDSA Keys">
 
 1. Generate the private key:
 

docs/public-networks/reference/cli/options.md

@@ -3272,7 +3272,50 @@ rpc-http-authentication-enabled=true
 
 </Tabs>
 
-Enables or disables [authentication](../../how-to/use-besu-api/authenticate.md) for the HTTP JSON-RPC service.
+Enables or disables [authentication](../../how-to/use-besu-api/authenticate.md) for the JSON-RPC HTTP service.
+
+### `rpc-http-authentication-jwt-algorithm`
+
+<Tabs>
+
+<TabItem value="Syntax" label="Syntax" default>
+
+```bash
+---rpc-http-authentication-jwt-algorithm=<algorithm>
+```
+
+</TabItem>
+
+<TabItem value="Example" label="Example">
+
+```bash
+--rpc-http-authentication-jwt-algorithm=ES256
+```
+
+</TabItem>
+
+<TabItem value="Environment variable" label="Environment variable">
+
+```bash
+BESU_RPC_HTTP_AUTHENTICATION_JWT_ALGORITHM=ES256
+```
+
+</TabItem>
+
+<TabItem value="Configuration file" label="Configuration file">
+
+```bash
+rpc-http-authentication-jwt-algorithm="ES256"
+```
+
+</TabItem>
+
+</Tabs>
+
+The [JWT key algorithm](../../how-to/use-besu-api/authenticate#1-generate-a-private-and-public-key-pair)
+used to generate the keypair for JSON-RPC HTTP authentication.
+Possible values are `RS256`, `RS384`, `RS512`, `ES256`, `ES384`, and `ES512`.
+The default is `RS256`.
 
 ### `rpc-http-authentication-jwt-public-key-file`
 
@@ -4237,14 +4280,57 @@ rpc-ws-authentication-enabled=true
 
 </Tabs>
 
-Enables or disables [authentication](../../how-to/use-besu-api/authenticate.md) for the WebSocket JSON-RPC service.
+Enables or disables [authentication](../../how-to/use-besu-api/authenticate.md) for the JSON-RPC WebSocket service.
 
 :::note
 
 `wscat` doesn't support headers. [Authentication](../../how-to/use-besu-api/authenticate.md) requires you to pass an authentication token in the request header. To use authentication with WebSockets, you need an app that supports headers.
 
 :::
 
+### `rpc-ws-authentication-jwt-algorithm`
+
+<Tabs>
+
+<TabItem value="Syntax" label="Syntax" default>
+
+```bash
+---rpc-ws-authentication-jwt-algorithm=<algorithm>
+```
+
+</TabItem>
+
+<TabItem value="Example" label="Example">
+
+```bash
+--rpc-ws-authentication-jwt-algorithm=ES256
+```
+
+</TabItem>
+
+<TabItem value="Environment variable" label="Environment variable">
+
+```bash
+BESU_RPC_WS_AUTHENTICATION_JWT_ALGORITHM=ES256
+```
+
+</TabItem>
+
+<TabItem value="Configuration file" label="Configuration file">
+
+```bash
+rpc-ws-authentication-jwt-algorithm="ES256"
+```
+
+</TabItem>
+
+</Tabs>
+
+The [JWT key algorithm](../../how-to/use-besu-api/authenticate#1-generate-a-private-and-public-key-pair)
+used to generate the keypair for JSON-RPC WebSocket authentication.
+Possible values are `RS256`, `RS384`, `RS512`, `ES256`, `ES384`, and `ES512`.
+The default is `RS256`.
+
 ### `rpc-ws-authentication-jwt-public-key-file`
 
 <Tabs>

versioned_docs/version-23.10.2/public-networks/how-to/use-besu-api/authenticate.md

@@ -179,7 +179,7 @@ Besu default is `RS256`.
  ```bash
  openssl rsa -pubout -in privateRSAKey.pem -pubout -out publicRSAKey.pem
  ```
- 
+
 </TabItem>
 
 <TabItem value="ES256 secp256r1 ECDSA Keys" label="`ES256 secp256r1 ECDSA Keys">

versioned_docs/version-23.10.3/public-networks/how-to/use-besu-api/authenticate.md

@@ -179,7 +179,7 @@ Besu default is `RS256`.
  ```bash
  openssl rsa -pubout -in privateRSAKey.pem -pubout -out publicRSAKey.pem
  ```
- 
+
 </TabItem>
 
 <TabItem value="ES256 secp256r1 ECDSA Keys" label="`ES256 secp256r1 ECDSA Keys">

versioned_docs/version-24.1.0/public-networks/how-to/use-besu-api/authenticate.md

@@ -179,7 +179,7 @@ Besu default is `RS256`.
  ```bash
  openssl rsa -pubout -in privateRSAKey.pem -pubout -out publicRSAKey.pem
  ```
- 
+
 </TabItem>
 
 <TabItem value="ES256 secp256r1 ECDSA Keys" label="`ES256 secp256r1 ECDSA Keys">