Access Token signing key rotation
#
AboutAccess Token signing key rotation implies that the secret key for signing the access tokens will be changed at a fixed time interval. This reduces the risk of key theft.
info
- Existing logged in users are not logged out on key change.
- This feature is enabled by default.
#
Changing this settingThe Access Token signing key rotation feature can be switched on / off and its interval can be set through the following configurations
- With Docker
- Without Docker
docker run \ -p 3567:3567 \ -e ACCESS_TOKEN_SIGNING_KEY_DYNAMIC=true \ -e ACCESS_TOKEN_SIGNING_KEY_UPDATE_INTERVAL=168 \ -d registry.supertokens.io/supertokens/supertokens-<db name>
# You need to add the following to the config.yaml file.# The file path can be found by running the "supertokens --help" command
access_token_signing_key_dynamic: trueaccess_token_signing_key_update_interval: 168
access_token_signing_key_dynamic
- If this is set to
true
, the access token signing key will change every fixed interval of time. - It must be set to a
boolean
value with, the default value set totrue
.
- If this is set to
access_token_signing_key_update_interval
- Time in hours for how frequently the signing key will change.
- It must be set to a
number
value with, the default value set to168
info
For managed service, these values can be updated by visiting our dashboard.