ilooner
Reputation: 2550
Azure JWT Token Key Rotation
Azure makes the public keys for jwt tokens available here:
https://login.microsoftonline.com/common/discovery/v2.0/keys
Are these keys rotated and replaced? If so how frequently?
Upvotes: 1
Views: 1352
Answers (1)
Rohit Saigal
Reputation: 9664
I don't think that frequency is disclosed as public information.
Here is related information from Microsoft Docs.
Signing key rollover in Azure Active Directory
For security purposes, Azure AD’s signing key rolls on a periodic basis and, in the case of an emergency, could be rolled over immediately. Any application that integrates with Azure AD should be prepared to handle a key rollover event no matter how frequently it may occur.
Upvotes: 2
Related Questions
- Azure Access Token - Invalid Signature in Jwt.io
- Why RefreshToken received form azure active directory is not in JWT format
- Azure AD Signing Keys for JWT
- Azure AD JWT Token Validation options
- How jwt token get reissued in azure ad OuthImplicitFlow
- Azure active directory JWT Public key changing
- Azure Active Directory JWT aud value
- Azure Active Directory Client Credential Flow
- Windows Azure Active Directory Bearer Authentication
- Issue with jwt-bearer authorization grant in Azure AD