Add Private Key JWT authentication to your .NET application to empower security in sensitive contexts.
Read more…
Brought to you by @andrea.chiarelli
Got questions? Don’t worry; we’re like the cool teachers who encourage asking!
Is my understanding correct, this would be an alternative to m2m client secrets? So with m2m client secrets there isn’t a simple way to rotate credentials. But with this, we could have multiple public keys in Auth0 and it would let you rotate easily because there are two keys in play, and Auth0 could check against both. Please correct if I’ve misunderstood.
You are right, @sha256.
However, although you have two keys in play, it is recommended to minimize the time that they are simultaneously active