OAuth Key Update Worker
ENTERPRISE This is an EJBCA Enterprise feature.
The service periodically downloads public keys for the configured provider(s) and updates the internal configuration accordingly. The main purpose of this service is to automatically handle provider key rollover, especially in environments where rollover may be sudden and out of control of an EJBCA administrator. The selected providers must have Public Key input method set to Provide Key Config URL and have a valid URL configured. For configuration details, see OAuth Provider Management.
Setting |
Description |
Providers to Check |
Select the configured provider(s) to update keys for. |
Period |
How often the service should update public keys from the provider. The rollover period varies between providers. For example, Azure recommends 24h intervals, see Microsoft docs on Signing key rollover in the Microsoft identity platform. |
Active |
Select to activate the service. |
When the service is executed, there will be log entries showing if the update was successful and listing the updated keys.