Does Okta support offline validation (authentication and authorization)?

Hi All,

We have a couple of clients in remote areas with little or no internet, and we provide the application to their own infrastructure. We are exploring the option for identity management and Okta for our clients who have access to the internet, but we are exploring the option for the clients that do not have internet access.
Does Okta support offline validation? We are using .NET Core 7.0.
Thanks

Hello,

Okta tokens can be validated locally with a JWT Verifier, assuming the verifier has access to the correct public keys to validate the token signature.

A client still needs a way to obtain tokens and at least periodically download the authorization server keys.

Thank You,

Hello Erik,

Thanks for the response.
How often do we need to download the token (once a day, every hour, etc.)?
Also, can we do a manual key/token transfer, or does the client need direct access for downloading the token?

Thanks
Pankaj

Hello Pankaj,

The secure approach to obtain an access_token is for the client to authorize and retrieve the token directly. If this can’t be done then each integration will need to come up with a secure solution so the token does not get compromised. This will be unique to every situation.

As far as the frequency of getting a new token, Okta defaults to a 60-minute lifetime before a token is no longer valid. This can be increased up to 24 hours depending on your security needs.

The below URL has best practices for downloading and caching signing keys.

Thank You,
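
The local validation and key caching discussed in the replies above, sketched for .NET as an added example that is not part of the original thread and is not Okta's own code. It assumes the `System.IdentityModel.Tokens.Jwt` NuGet package, a JWKS file copied from the authorization server to a local path, and caller-supplied issuer and audience values; the class name, the file path handling and the seven-day key age limit are hypothetical.

```csharp
using System;
using System.IO;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using Microsoft.IdentityModel.Tokens;

public static class OfflineTokenValidator
{
    // Validates a JWT against a locally cached JWKS file, with no network call.
    // Throws a SecurityTokenException (or subclass) when any check fails.
    public static ClaimsPrincipal Validate(
        string token, string jwksPath, string issuer, string audience, TimeSpan maxKeyAge)
    {
        // Refuse to trust a key set that has not been refreshed recently:
        // a rotated or revoked signing key would otherwise stay accepted forever.
        // A missing file reports a year-1601 timestamp and is rejected here too.
        TimeSpan age = DateTime.UtcNow - File.GetLastWriteTimeUtc(jwksPath);
        if (age > maxKeyAge)
            throw new SecurityTokenException(
                $"Cached signing keys are {age.TotalHours:F0}h old; refresh them first.");

        var jwks = new JsonWebKeySet(File.ReadAllText(jwksPath));
        var parameters = new TokenValidationParameters
        {
            IssuerSigningKeys = jwks.GetSigningKeys(),
            ValidateIssuerSigningKey = true,
            RequireSignedTokens = true,
            // Pin the algorithm so "none" or HMAC-with-public-key tokens are rejected.
            ValidAlgorithms = new[] { SecurityAlgorithms.RsaSha256 },
            ValidateIssuer = true,
            ValidIssuer = issuer,
            ValidateAudience = true,
            ValidAudience = audience,
            // Expiry is checked against the local clock, so an offline host
            // needs a reasonably accurate clock for this to mean anything.
            ValidateLifetime = true,
            RequireExpirationTime = true,
            ClockSkew = TimeSpan.FromMinutes(2)
        };
        return new JwtSecurityTokenHandler().ValidateToken(token, parameters, out _);
    }

    // Usage: dotnet run -- <token> <jwks.json> <issuer> <audience>
    public static void Main(string[] args)
    {
        ClaimsPrincipal user = Validate(args[0], args[1], args[2], args[3], TimeSpan.FromDays(7));
        Console.WriteLine($"Valid token for subject: {user.FindFirst("sub")?.Value}");
    }
}
```

A token whose `kid` is not in the cached file fails signature validation, which is the signal that the key set needs to be refreshed.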