• repomaa

    repomaa

    1 year ago
    i know, it's not optimal, but it would simplify verification for systems, that already support jwt verification
  • r

    rp

    1 year ago
    The JWT signing keys are managed by supertokens itself:- A public / private key is generated and stored in the db. The public key is used to verify - The keys are changed on a regular basis for improved security. So at the moment, you can't set on global key unfortunately.
  • repomaa

    repomaa

    1 year ago
    mh ok
  • r

    rp

    1 year ago
    But if we were to add this feature, how would that work?
  • repomaa

    repomaa

    1 year ago
    i'd expect you'd be able to pass the token as an env var
  • repomaa

    repomaa

    1 year ago
    or docker secret
  • repomaa

    repomaa

    1 year ago
    *key
  • r

    rp

    1 year ago
    A public private key you mean?
  • repomaa

    repomaa

    1 year ago
    hopefully a private private key 😄
  • r

    rp

    1 year ago
    what do you mean by private private key?