User17283728058443429135 (Customer) asked a question.
Okta - Client secret rotation and key management - Use a URL to fetch keys dynamically option
Hi, we are currently in analysis to implement client secret rotation for an okta application service.
According to this guide we are exploring the Use a URL to fetch keys dynamically option:
https://developer.okta.com/docs/guides/client-secret-rotation-key/main/
However there doesn`t seem to be any info about any possible authentication mechanism or ways for us to secure this endpoint that will get the public keys. Are there any possible ways to add some security around it ?
Thanks
Hi @User17283728058443429135 (Customer) , Thank you for reaching out to the Okta Community!
This question is more appropriate for our dedicated Okta Developer Forum.
My advice would be to reach out via devforum.okta.com to take advantage of their expertise.
While we'll do our best to answer all of your questions here, this medium is more inclined towards Okta core products and features (non-custom/developer work).
Regards.
--
Help others in the community by liking or hitting Select as Best if this response helped you.