I have set RS256 algorithm to be used to encode/decode JWT token. This involves make request for JWKS to Auth0 to validate and decode JWT token. To avoid make request every time I cached the public key for the first time and use it for further validation/decode.
Now I’m trying to implement that whenever public key is invalid then make request to Auth0 to get new public key. I don’t know what would be the error case when public key become invaild. Or will the public key go invalid at any point of time?
Note: I store the public key in cache forever