My frontend app makes a lot of backend calls, so if I could avoid a jump to https://AUTH0_DOMAIN/.well-known/ on every call it would be great.
Is it safe to simply hard code it’s contents on my backend?
Hey there @dudumonteiro!
It is safe to store the JWKS on your backend as they are public keys - Just keep in mind that using the JWKS uri (https://YOUR_DOMAIN/.well-known/jwks.json) simplifies key management, especially if signing key rotation is involved.
Hope this helps!