Grant_Trevor
Copper Contributor
Nov 14, 2019

OIDC Azure Signing Key Rollover Guidance

We're having some issues with manually obtaining the correct certificate thumbprints after signing keys are rolled over. We're using OpenID Connect to authenticate users via Azure AD and then forwarding their authorised details on to an AWS Cognito Identity Pool, which requires all the correct thumbprints to be configured in order to verify the token that has been provided.

We have followed the steps provided by AWS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_create_oidc_verify-thumbprint.html) to obtain a thumbprint; however, this only ever results in one, whereas clearly there should be two or more.

What is the correct way to obtain the right thumbprints? The guidance here https://docs.microsoft.com/en-us/previous-versions/azure/dn641920(v=azure.100)?redirectedfrom=MSDN#manually-retrieve-the-latest-key-and-update-your-application is outdated.
