[keycloak-user] Service Accounts: multiple keys for a given Signed Jwt Authenticator

Adrian Gonzalez adr_gonzalez at yahoo.fr
Thu Feb 8 11:18:58 EST 2018


Hello,
I'm using rfc7523 I've set Client Authenticator=Signed Jwt, and downloaded the jks.

I'd like to know if there is a way to have multiple keys for a given Service Account ?This would provide me with a way of supporting multiple keys at the same time when rotating them.

Is the JWKS URL the only way of handling that ? And in this case, can it support all the keys in the JWK URL at the same time (i.e. case of blue green deployments) ?
Thanks,Adrian


More information about the keycloak-user mailing list