The key used used for HMAC signatures with JWT tokens.

Data Type

string

Default Value

""

Remarks

This property is required when OAuthJWTEncryption is set to an HMAC signature method and unused otherwise.

The value is the HMAC key encoded as base64. The key itself can be any length, if needed the provider pads or hashes the key to match the requirements of the chosen OAuthJWTEncryption method. For best security the key should be at least as long as the hash mutput (for example, 32 bytes for SHA-256).