Hi all!
We’re getting ready to deploy a wallet-like app that uses a custom Web3Auth JWT provider that we will also run. I want to have a contingency plan for changing the JWT signing key, but I haven’t found any documentation on how that affects the verifier. Specifically, in case we need to roll the JWT signing key,
- Other than updating the value returned by the JWKS URL, do we need to make any changes to the verifier when rotating JWT signing keys?
- Will rotating the keys affect existing users’ wallet addresses?
- Will existing authentication sessions be terminated automatically?
Thanks in advance!
When asking for help in this category, please make sure to provide the following details:
- SDK Version: 8.3.0
- Platform: web
- Browser Console Screenshots: n/a
- If the issue is related to Custom Authentication, please include the following information (optional):
- Verifier Name:
- JWKS Endpoint:
- Sample idToken (JWT):
Also, kindly provide the Web3Auth initialization and login code snippet below. This will help us better understand your issue and provide you with the necessary assistance.