Handling signed tokens - PingDataGovernance

Handling signed tokens - PingDataGovernance - 8.2

PingDataGovernance

bundle

pingdatagovernance-82

ft:publication_title

PingDataGovernance

Product_Version_ce

PingDataGovernance 8.2

category

Product

pdg-82

pingdatagovernance

ContentType_ce

Page created: 31 Aug 2020 |

Page updated: 9 Feb 2021

| 1 min read

8.2 PingDataGovernance Product

All access tokens the JWT access token validator handles must be cryptographically signed by the token issuer. The JWT access token validator validates a token's signature using a public signing key provided by the issuer.

Configure the JWT access token validator with the issuer's public signing key in one of two ways:
- Store the public key as a trusted certificate in PingDataGovernance Server's local configuration using the trusted-certificate property.
- Provide the issuer's JWKS (JSON Web Key Set) endpoint using the jwks-endpoint-path property. The JWT access token validator then retrieves the issuer's public keys when it initializes. This method ensures that the JWT access token validator uses updated copies of the issuer's public keys.