1. Click Access and then go to Token Validation > OAuth Key Management.
  2. Choose to enable or disable key rolling:
    • To enable key rolling, select the Key Roll Enabled check box.
    • To disable key rolling, clear the Key Roll Enabled check box.
  3. To specify the interval at which you want to roll keys, enter a value (in hours) in the Key Roll Enabled (H) field.
  4. From the Signing Algorithm list, select a signing algorithm to protect the integrity of the token when you use private key JSON Web Token (JWT) OAuth client authentication.

    If you select Automatic, you will use the algorithm specified in the OpenID Provider (OP) metadata.

  5. Click Save.