Configuring auth token management - PingAccess - 8.0

PingAccess

bundle
pingaccess-80
ft:publication_title
PingAccess
Product_Version_ce
PingAccess 8.0 (Latest)
category
Product
pa-80
pingaccess
ContentType_ce

To define the issuer and signing configuration used by JSON Web Token (JWT)JSON Web Token (JWT)JWT An IETF standard container format for a JSON object used for the secure exchange of content, such as identity or entitlement information. To read the industry standard, see RFC 7519 identity mappings, configure auth token management.

  1. Click Access and then go to Identity Mappings > Auth Token Management.
  2. To enable key rolling using the specified key roll interval, click Key Roll Enabled.
  3. To indicate how often, in hours, you want to roll the keys, specify the Key Roll Interval (h).

    Key rollover updates keys at regular intervals to ensure the security of the signed auth tokens.

  4. In the Issuer field, specify a published, unique issuer identifier to use with auth tokens.
    Set the issuer to a value that more closely represents your company. PingAccess inserts this value as the iss claim within the auth token.
  5. In the Signing Algorithm field, select the signing algorithm used to protect the integrity of the auth tokens.

    The default is ECDSA using P-256 Curve.

  6. Click Save.