Storing priv/pub keys for JWT
When the Robert server generates a JWT token (/report
), it needs to access a private key. The TACW server needs to access the corresponding public key.
Question(s):
- Where do we store the private and public keys
- What microservices have access to that store? JWT generation/validation should happen there.