Open dhiaayachi opened 2 weeks ago
Thanks for reporting this issue. The Temporal Server uses a cache for the RSA key returned by keySourceURIs
. We are aware of this issue and have a feature request to address key rotation. We have not yet added a mechanism to refresh the cache automatically.
You can work around this issue by:
keySourceURIs
.We appreciate your patience while we work on adding automatic key rotation to the Temporal Server.
Expected Behavior
We would expect a way to make Temporal aware of the key rotation.
Actual Behavior
It looks like Temporal caches the RSA keys returned from "keySourceURIs". See https://stackoverflow.com/questions/77305403/need-with-with-authentication-in-temporal-cluster
Steps to Reproduce the Problem
Steps described for example here https://devblogs.microsoft.com/ise/2023/07/12/temporal-mtls-sso/#3-running-temporal-server-with-authorization-enabled
Specifications