Hello,
By using io.jsonwebtoken we can generate the secret key programmatically, but how can it be done in auth0 jwt?
SecretKey key = Keys.secretKeyFor(SignatureAlgorithm.HS512);
String secretString = Encoders.BASE64.encode(key.getEncoded());
System.out.println("Secret key: " + secretString);
Any thoughts here?
Thanks
Yougesh
Hi Yougesh 
Welcome to the community 
So whilst symmetric key encryption is an option, Auth0 prefers to use asymmetric key encryption when generating JWT signatures. You can read more about this here. Asymmetric key encryption is much more manageable and reduces security risk as the private key is only ever generated, held and managed by Auth0.
Hope this helps 
@peter.fernandez Thanks for the answer, that helps.
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.