Issues on upgrading UAA 3.6.0 to 3.12.0?
We've been running UAA 3.6 on production and need to upgrade to 3.12. One requirement is that we will need to retain the validity of the token that was issued by UAA 3.6 after the upgrade.
We used the default key for token signing in 3.6. In the upgrade we will use a new key, so I would like to know how the client will be able to verify the signature of the old valid tokens while the new tokens are signed by a new key after the upgrade to 3.12?
We recommend that you upgrade to 3.16.0 to make sure you get all security
The UAA you are upgrading to supports multiple keys.
Here is an example
Add both your new and old keys into the configuration. Then set the
activeKeyId to be the new key.
The old key will be used to verify existing tokens only. The new key will
be used to sign new tokens.
When you believe the time is right, you can remove the old key from the
configuration. Any tokens still signed with the old key will then be
On Mon, May 8, 2017 at 4:23 PM, Sam Leong <sam.leong(a)quicken.com> wrote:
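
The rotation described in the reply above, as an added example that is not part of the original thread and is not UAA's code: a verifier that picks the key by id, so old-key tokens stay valid until the old key is removed. It assumes each token names its signing key in a `kid` header and uses HMAC secrets for brevity (with RSA the verifier would hold public keys); the key ids, secrets and claims are constructed.

```python
import base64, hashlib, hmac, json

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign(claims: dict, keys: dict, active_key_id: str) -> str:
    """Issue an HS256 JWT with the active key; its id goes in the 'kid' header."""
    header = {"alg": "HS256", "typ": "JWT", "kid": active_key_id}
    signing_input = _b64(json.dumps(header).encode()) + "." + _b64(json.dumps(claims).encode())
    mac = hmac.new(keys[active_key_id], signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + _b64(mac)

def verify(token: str, keys: dict) -> dict:
    """Verify with the key named by 'kid'. Expiry and audience checks are omitted here."""
    try:
        header_b64, payload_b64, sig_b64 = token.split(".")
        header = json.loads(_unb64(header_b64))
        sig = _unb64(sig_b64)
    except ValueError as exc:  # wrong segment count, bad base64, bad JSON
        raise ValueError("malformed token") from exc
    # Pin the algorithm: never let the token choose how it is verified.
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        raise ValueError("unexpected algorithm")
    kid = header.get("kid")
    if not isinstance(kid, str) or kid not in keys:
        raise ValueError("unknown key id")  # a removed key lands here
    expected = hmac.new(keys[kid], f"{header_b64}.{payload_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, sig):
        raise ValueError("bad signature")
    return json.loads(_unb64(payload_b64))

def rotation_demo():
    """Walk the three phases: before upgrade, both keys configured, old key removed."""
    old_token = sign({"sub": "alice"}, {"legacy": b"old-secret"}, "legacy")
    keys = {"legacy": b"old-secret", "key-2": b"new-secret"}  # both keys configured
    new_token = sign({"sub": "bob"}, keys, "key-2")           # active key signs new tokens
    during = (verify(old_token, keys)["sub"], verify(new_token, keys)["sub"])
    del keys["legacy"]                                        # old key retired
    try:
        verify(old_token, keys)
        old_rejected = False
    except ValueError:
        old_rejected = True
    return during, old_rejected, verify(new_token, keys)["sub"]
```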