fix: improve key rotation (#1107)

* key rotation * fix: rotate signing key * cleanup * introspect * testingapplication key * date * client keys * fix client keys * fix client keys * access tokens only for users * AuthMethodPrivateKeyJWT * client keys * set introspection info correctly * managae apis * update oidc pkg * cleanup * merge msater * set current sequence in migration * set current sequence in migration * set current sequence in migration * ensure authn keys uptodate * improve key rotation * fix: return api config in ApplicationView * fix mocks for tests * fix(mock): corrected unit tests for updated mock package Co-authored-by: Stefan Benz <stefan@caos.ch>
2025-12-06 01:42:13 +00:00 · 2021-02-23 15:07:42 +01:00
parent 16a47c6542
commit f60d200d5a
34 changed files with 590 additions and 433 deletions
--- a/cmd/zitadel/startup.yaml
+++ b/cmd/zitadel/startup.yaml
@@ -107,7 +107,8 @@ Auth:
    PublicKeyLifetime: 30h
    EncryptionConfig:
      EncryptionKeyID: $ZITADEL_OIDC_KEYS_ID
-    SigningKeyRotation: 10s
+    SigningKeyRotationCheck: 10s
+    SigningKeyGracefulPeriod: 10m

 Admin:
  SearchLimit: 1000