Validate JWT token - unique public key

Hi !

I have a question. i’m using Auth0 to provide service account to my API (machine to machine).

Each time someone call the API, the token provided is veryfied based on the public key.
I’ve noticed that two machine to machine account has the same public key (and that’s cool for me, because i don’t want to update my validation with new public key for every new user added to my auth0 account).

Is this “normal” ? Will the public key change at a certain time ?


Hey there!

Sorry for such delay in response! We’re doing our best in providing the best developer support experience out there, but sometimes the number of incoming questions is just too big for our bandwidth. Sorry for such inconvenience!

Do you still require further assistance from us?