Skip to main content

Access Token signing key rotation

About#

Access Token signing key rotation implies that the secret key for signing the access tokens will be changed at a fixed time interval. This reduces the risk of key theft.

info
  • Existing logged in users are not logged out on key change.
  • This feature is enabled by default.

Changing this setting#

The Access Token signing key rotation feature can be switched on / off and its interval can be set through the following configurations

docker run \  -p 3567:3567 \  -e ACCESS_TOKEN_SIGNING_KEY_DYNAMIC=true \  -e ACCESS_TOKEN_SIGNING_KEY_UPDATE_INTERVAL=168 \  -d registry.supertokens.io/supertokens/supertokens-<db name>
  • access_token_signing_key_dynamic
    • If this is set to true, the access token signing key will change every fixed interval of time.
    • It must be set to a boolean value with, the default value set to true.
  • access_token_signing_key_update_interval
    • Time in hours for how frequently the signing key will change.
    • It must be set to a number value with, the default value set to 168
info

For managed service, these values can be updated by visiting our dashboard.

What type of UI do you want to use?
Custom UI
Pre built UI