Invalid JWTs since this morning
We are currently debugging a larger issue where tokens seem to have been invalid since this morning. New tokens are fine, old ones are not. The issue started around 6:50 am. I don't have more information as of now. Was anything changed? I am looking at public keys for token validation, to see if those were rotated.
3 Replies
Hi @DWalder, I'm an AI assistant for ZITADEL. While a team member reviews this question, I'll see if I can find relevant sources for your question.
Answer
I wasn't able to find a direct answer; here are some relevant sources:
1. OpenID Connect and Oauth2 web keys: This documentation explains ZITADEL's key rotation behavior and how web keys are managed for JWT signing and verification.
2. OpenID Connect Endpoints in ZITADEL: Contains information about the JWKS endpoint and key rotation, noting that keys can be rotated without prior notice.
Feel free to tag @Ask Inkeep with additional questions.
Seems to be linked to https://github.com/zitadel/zitadel/issues/10673
Hello @DWalder, you are correct. This was caused by the issue you are referencing; you can follow the steps mentioned there to fix this. Thank you!