Understanding JWT Encryption
We have a requirement that involves us encrypting JWTs, using RSA256 for key encryption and AES128 for content encryption.
When we generate the keystore, does it need to have both the RSA and AES keys?
The Token Profile only references one alias; is this referring to the key encryption key? How does Pega know what key to use for content encryption?
***Edited by Moderator Marissa to add Capability tags***