When migrating, what happens to our existing tokens?

  • Do our existing JWT tokens continue to work?

  • This depends on how the JWT was signed, but is probably fine, especially if JWTs are only used in APIs. It's very typical to want to ensure that existing JWTs are accepted as long as they haven’t expired. You'll also need to ensure that new JWTs from FusionAuth are also accepted.

    So this is really a question of making sure the JWT producers and consumers have the correct signing secrets.

    You can solve this by sharing the secrets between the old system and FusionAuth (check out the Keymaster to import existing keys) or making sure your clients can look up the keys from a JWKS endpoint from both the old and the new system.
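A sketch of the consumer side during the migration window, as an added example that is not part of the original answer and is not FusionAuth code: the verifier holds one key per issuer, selects it by the token's `kid`, and still enforces expiry. It assumes HS256 shared secrets; the `kid` values and secrets are constructed for the demo, and with asymmetric keys the keyring would instead be filled from both systems' JWKS endpoints.

```python
import base64, hashlib, hmac, json, time

# Constructed demo secrets keyed by `kid`: one from the old system, one from the new.
KEYRING = {
    "legacy-key": b"constructed-legacy-secret",
    "fusionauth-key": b"constructed-fusionauth-secret",
}

def b64e(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def b64d(seg):
    return base64.urlsafe_b64decode(seg + "=" * (-len(seg) % 4))

def sign(claims, kid, secret):
    """Mint an HS256 token; stands in for either issuer in this demo."""
    header = {"alg": "HS256", "typ": "JWT", "kid": kid}
    body = b64e(json.dumps(header).encode()) + "." + b64e(json.dumps(claims).encode())
    return body + "." + b64e(hmac.new(secret, body.encode(), hashlib.sha256).digest())

def verify(token, keyring=KEYRING, now=None):
    """Return the claims if a trusted key signed the token and it is unexpired."""
    try:
        h, p, s = token.split(".")
        header, sig = json.loads(b64d(h)), b64d(s)
        alg, kid = header["alg"], header["kid"]
    except Exception:
        raise ValueError("malformed token")
    if alg != "HS256":  # pin the algorithm instead of trusting the header
        raise ValueError("unexpected alg")
    if not isinstance(kid, str) or kid not in keyring:
        raise ValueError("unknown kid")
    expected = hmac.new(keyring[kid], f"{h}.{p}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, sig):
        raise ValueError("bad signature")
    claims = json.loads(b64d(p))
    if claims.get("exp", 0) <= (time.time() if now is None else now):
        raise ValueError("expired or missing exp")
    return claims
```

Once the last token from the old system has expired, dropping its entry from the keyring ends acceptance of that key.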

