What is the lifetime of JWKs from the OIDC discovery document for Zitadel?

Original message was deleted

FFO•2/20/23, 1:34 PM

GitHub

ZITADEL - The best of Auth0 and Keycloak combined. Built for the serverless era. - zitadel/defaults.yaml at main · zitadel/zitadel

FFO•2/20/23, 1:38 PM

The PrivateKey controls how long we use a key to sign tokens and the PublicKey controls how long we keep them published (even after their usage)

FFO•2/20/23, 1:39 PM

So in other words we generate a new keypair each 6 hours and keep the public key 24h longer published

FFO•2/20/23, 1:39 PM

yes

FFO•2/20/23, 1:39 PM

Happy to help