Context:
- Okta auth servers automatically rotate their signing keys (unless I set this to manual).
- The Okta.AspNetCore NuGet package is very helpful for validating access tokens. (as shown in this helpful guide: Protect your API endpoints | Okta Developer)
My question:
If I am using this Okta.AspNetCore NuGet package in my API to validate access tokens, and if the auth server rotates keys while my API is running, do I need to restart my API to get the new signing keys? Or will this Okta.AspNetCore NuGet package perform some kind of polling to get the new keys automatically?
I’m assuming that the Okta.AspNetCore NuGet package does not automatically get the new keys for me, and that I would have to either restart my API or implement a polling solution to automatically get the new keys.
If I do need to implement a polling solution, is there possibly an example solution for this? I would like to keep using the Okta.AspNetCore NuGet package basically as shown in the Okta guide if possible.