Last Updated: Nov 1, 2024
Overview
Using applications that rely on the Auth0 JWKS endpoint for the JWT token verification experience timeouts on the JWKS endpoint.
Applies To
- Java
- Timeout
- JWKS Endpoint
Solution
The JWKS endpoint needs to be cached to avoid frequent calls to it. Whenever possible, we recommend prefetching the keys instead of waiting for the cache to expire. Prefetching can help avoid intermittent failures during the login flow due to the latency in this endpoint after the cache is invalidated.
For the Spring framework, in particular, you may check this GitHub issue that may help to prefetch the JWKS endpoint.
Also, based on this comment this functionality may be available in nimbus-jose-jwt soon.