Auth0 Home Blog Docs

Will public key from JWKS go invalid



I have set RS256 algorithm to be used to encode/decode JWT token. This involves make request for JWKS to Auth0 to validate and decode JWT token. To avoid make request every time I cached the public key for the first time and use it for further validation/decode.

Now I’m trying to implement that whenever public key is invalid then make request to Auth0 to get new public key. I don’t know what would be the error case when public key become invaild. Or will the public key go invalid at any point of time?

Note: I store the public key in cache forever