Implications of signing key rotation

dsebastiampillai · March 24, 2022, 5:27am

Hi everyone,

I have received an email from Auth0 asking to initiate a rotation of the key.

I understand the process however I am not entirely sure of the implications. Would you be able to help me understand if
• There will be any changes to our already set up users
• There is any specific change I need to make to the users to ensure they are shifted to the new key
• Or is this just going to be a backend shift?

Just want to make sure I understand the implications before revoking the previous key!

Thanks for your help on this.

tyf · March 25, 2022, 4:44am

Hi there @dsebastiampillai welcome to the community!

Please check out this article which has a section on the impact signing key rotation. Regarding users in particular, you may also want to take a look at this FAQ post which goes into potential implications to users (issued tokens) when rotating signing keys.

Hope this helps!

tyf · April 9, 2022, 4:45am

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Find usage of previous signing key? Help signing_key	2	1875	June 16, 2022
Does a regular web app use the signing keys? Help auth0-configuration	3	2045	May 24, 2022
Force Signing Cert Rotation Help certificate	2	3195	September 20, 2019
Caching JWKS signing key JWT.io jwks	5	23717	September 4, 2019
Tenant Signing Key Rotation Knowledge Articles signing , certificate , key , samlp , saml2 , rotation , seamless	1	4469	March 12, 2024

Implications of signing key rotation

Related Topics