Skip to main content

This content is closed to future replies and is no longer being maintained or updated.
Links may no longer function. If you have a similar request, please write a new post.

Question

 Jenny Luo (JennyL51)
Carrollton Enterprise Services
Product Architect
Carrollton Enterprise Services
US
JennyL51 Member since 2022 3 posts
Carrollton Enterprise Services
Posted: Jun 28, 2022
Last activity: Jun 28, 2022
Posted: 28 Jun 2022 13:59 EDT
Last activity: 28 Jun 2022 16:24 EDT
Closed

Understanding JWT Encryption

We have a requirement that involves us encrypting JWTs, using RSA256 for key encryption and AES128 for content encryption.

When we generate the keystore, does it need to have both the RSA and AES keys? 

The Token Profile only references one alias; is this referring to the key encryption key? How does Pega know what key to use for content encryption?

 

***Edited by Moderator Marissa to add Capability tags***
To see attachments, please log in.
Pega Platform 8.7
Security
Financial Services
Lead System Architect

We'd prefer it if you saw us at our best.

Pega Collaboration Center has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice