Skip to content

AUT-5271: Create the new auth-to-adapi kms key#8116

Merged
ChristianSoftwire merged 1 commit intomainfrom
AUT-5271-create-new-auth-to-adapi-kms-key
Apr 7, 2026
Merged

AUT-5271: Create the new auth-to-adapi kms key#8116
ChristianSoftwire merged 1 commit intomainfrom
AUT-5271-create-new-auth-to-adapi-kms-key

Conversation

@ChristianSoftwire
Copy link
Copy Markdown
Contributor

@ChristianSoftwire ChristianSoftwire commented Apr 2, 2026

What

  • Currently, we use the same signing key for all access tokens sent to AMC (if there were access tokens sent for AMAPI and ADAPI they would both be signed with the same key). This needs to change because we will be sending direct requests to the ADAPI from auth as well as through AMC
  • This new key will be used for 2 situations; signing the ADAPI access token we send as claims to AMC and signing the access token when we send a request directly from auth to ADAPI

This PR only covers creating the key to verify it exists. The follow up PRs will involve using this new key to sign the access token sent to AMC and serving the public key on a JWKS endpoint

How to review

  1. Code review

@ChristianSoftwire
AUT-5271: Create the new auth-to-adapi kms key
c490152 
- Currently, we use the same signing key for all access tokens sent to AMC (if there were access tokens sent for AMAPI and ADAPI they would both be signed with the same key). This needs to change because we will be sending direct requests to the ADAPI from auth aswell as through AMC
- This new key will be used for 2 situations; signing the ADAPI access token we send as claims to AMC and signing the access token when we send a request directly from auth to ADAPI

Signed-off-by: Christian Sophocleous <145482922+ChristianSoftwire@users.noreply.github.com>
@ChristianSoftwire ChristianSoftwire requested review from a team as code owners April 2, 2026 14:56
@github-actions
Copy link
Copy Markdown

github-actions bot commented Apr 2, 2026

Java Tests Skipped

No Java files were changed in this pull request. Java tests will be skipped1.

Any Java files that are changed in a subsequent commit will trigger the Java tests.

Footnotes

  1. These tests will still show as passing in the PR status check, but will not actually have run.

@ChristianSoftwire ChristianSoftwire added this pull request to the merge queue Apr 7, 2026
Merged via the queue into main with commit 5d59c5e Apr 7, 2026
15 of 16 checks passed
@ChristianSoftwire ChristianSoftwire deleted the AUT-5271-create-new-auth-to-adapi-kms-key branch April 7, 2026 08:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@alhcomer alhcomer alhcomer approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@ChristianSoftwire @alhcomer