9a2s3 (9a2s3) asked a question.
Question on Signing credential rotation
Hi everyone,
I am very new with Okta and would like to set up the SSO with my app.
I've got everything in place. However, after I key in my okta credential, my app is displaying this error: The JWT token did not pass validation. I asked the support and it mentioned that one of the cause is that the identity provider (IdP) for OAuth is rotating signing keys for the JWT tokens for the authentication procedure periodically. For instance, if Okta rotate every 24 hrs, then I need to make sure M-Files check the metadata for every <24hrs.
As per my screenshot here, the rotation is automatic. Any idea on what is the frequency when it comes to automatic ? Is it 24hrs, 1 month etc ?
Thanks.
Image is not available
The app name is M-Files and here is the link of the explanation.
Hello @9a2s3 (9a2s3) Thank you for reacting out to our Community!
Please see below our articles on token rotation and JWT toke:
https://developer.okta.com/docs/concepts/key-rotation/
https://help.okta.com/en-us/content/topics/security/api-rotate-keys.htm
https://developer.okta.com/code/dotnet/jwt-validation/
Additionally if you need further assistance we recommend to leverage the Okta Developer forums for this type of questions and take advantage of their expertise.
https://devforum.okta.com/
Community members help others by clicking Like or Select as Best on responses. Try it today.
What you missed: new product releases and other announcements