If you are a SaaS product with SDKs that offer user authentication features (i.e. allowing your customers to supply signed user JWTs to API requests), please also think about key material lifecycles and treat security as a first-class citizen in your product. I don’t want to be forced to copy and paste my public keys into your UI manually. That’s not necessary, error-prone and renders scheduled key rotations nearly impossible. JWKs are a great alternative! Thanks.

#jwt #jwk #authentication

🎉 v3.0.0 released · lestrrat-go jwx · Discussion #1335

🎉 v3.0.0 has been released! v3 further streamlines the API for flexibility and ease of use. While all packages received significant updates, the jwk package has gone through the most significant ch...

GitHub

Have a look at Zalando's latest engineering blog where I talk about how we automated cryptographic key rotation for our customer identity provider using JWKs.

#OIDC #Identity #JWK

https://engineering.zalando.com/posts/2025/01/automated-json-web-key-rotation.html

Zalando Engineering Blog - JSON Web Keys (JWK): Rotating Cryptographic Keys at Zalando

Secret rotation is a vital security measure in many contexts. Learn how we automate this process using JSON Web Keys (JWKs) to enhance the security of our customer identity provider.


In The End | Wojska Specjalne | Polish SOF | JWK | GROM | AGAT
https://youtu.be/sjHIikig-Ko?si=P_eb1Hhu2SfWg-Pz

#polska #JWK #grom #agat #PolishSOF
