Signing JWT Token in Rule with Tenant's Private Key


In the Redirect from Rule scenario, I understood that we need to sign the JWT token containing information being passed to the SPA. Must we create our own private/public key pair to do so, or can we use the existing Tenant’s private key to sign the token with?

Thank you

Hey @calqulate, the tenant’s private key cannot be accessed for this, so you need to either use your own key pair (in case of RS256) or your own secret (in case of HS256).

1 Like

Thanks for providing that knowledge @thameera!

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.