Public Key Cache Non-Refresh Interval in seconds
This property is only relevant when the property Enable internal checking of JWT signature is set to true.
The agent caches AM public keys used for JWT signing. When the agent receives a JWT using a key not in its cache, it will invoke AM to retrieve the current list of valid keys.
This property prevents the agent from invoking AM "too often" after it has already done so.
This property helps to mitigate DoS attacks in which an attacker floods a site with requests using JWTs containing deliberately invalid key IDs.
Ordinarily this would cause the agent to flood AM with requests, but with this property set to a nonzero value, there is a window in which AM is not invoked, excess network traffic is not generated, and all JWTs containing unknown keys are rejected.
Property name |
Aliases |
Function | Authentication service
Type | Integer
Default |
Bootstrap property | No
Required property | No
Restart required | No
Local configuration file |
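
The throttling behaviour described above, as a simplified Python model added here for illustration. It is not the agent's code: the class, function and key names are hypothetical, the key set is constructed, and the 0 and 5 second intervals are example values, not documented defaults.

```python
import time

class ThrottledKeyCache:
    """Simplified model of a JWT signing-key cache with a non-refresh interval."""

    def __init__(self, fetch_keys, non_refresh_seconds, clock=time.monotonic):
        self._fetch_keys = fetch_keys      # hypothetical callable returning {kid: key}
        self._interval = non_refresh_seconds
        self._clock = clock                # injectable so the window can be simulated
        self._keys = {}
        self._last_refresh = None
        self.upstream_calls = 0            # how often the key source was invoked

    def _refresh_allowed(self):
        if self._last_refresh is None or self._interval <= 0:
            return True
        return self._clock() - self._last_refresh >= self._interval

    def lookup(self, kid):
        """Return the key for kid, or None if the JWT must be rejected."""
        if kid in self._keys:
            return self._keys[kid]
        if not self._refresh_allowed():
            return None                    # inside the window: reject, no upstream call
        self._keys = dict(self._fetch_keys())
        self._last_refresh = self._clock()
        self.upstream_calls += 1
        return self._keys.get(kid)         # still None if the kid is really unknown


def simulate_flood(non_refresh_seconds, requests=1000, seconds=10):
    """Constructed scenario: JWTs with bogus key ids spread evenly over `seconds`."""
    now = [0.0]
    cache = ThrottledKeyCache(lambda: {"key-1": "constructed-public-key"},
                              non_refresh_seconds, clock=lambda: now[0])
    accepted = 0
    for i in range(requests):
        now[0] = i * seconds / requests
        if cache.lookup(f"bogus-{i}") is not None:
            accepted += 1
    return cache.upstream_calls, accepted


if __name__ == "__main__":
    for interval in (0, 5):
        calls, accepted = simulate_flood(interval)
        print(f"interval={interval}s upstream_calls={calls} accepted={accepted}")
```

In this model a JWT signed with a newly published key is also rejected until the interval since the last refresh has elapsed, which is the cost of choosing a larger value.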