You can now Rotate Signing Keys!

You can now Rotate Signing Keys via the MGMT Dashboard or API!

Customers can rotate the Signing Keys that are used to sign assertions sent to clients, via the Manage Dashboard or MGMT API for:

  • OAuth 2.0 & OIDC ID and access tokens
  • SAML assertions
  • WS-Fed assertions

All Auth0 customers can begin using this feature right away.

Documentation links:

What other features would you like to see? Submit your ideas to our feedback page.

Give it a try and let us know what you think!

1 Like

1 Like

Is there a way to notify a service that a key rotation has happened?

I’m asking because, when I have a FaaS setup and suddendly the keys start failing, all the functions would hit the key endpoint at once, probably triggering a limit.

Some stores to share the keys between functions are eventually consistent, so the functions won’t know for a few seconds that a key update is already in progress.

The easiest way would be an Auth0 hook extension point, I guess.

Hey there @kay-is!

Unfortunately there isn’t an option for this at the moment. I will encourage however to file a feature request for that using our product feedback form:

2 Likes

This topic was automatically closed after 4 days. New replies are no longer allowed.