Cookie: # optional. Name: "iris_sso" Hash: "D*G-KaPdSgUkXp2s5v8y/B?E(H+MbQeThWmYq3t6w9z$C&F)J@NcRfUjXn2r4u7x" # length of 64 characters (512-bit). Block: "VkYp3s6v9y$B&E)H@McQfTjWmZq4t7w!" # length of 32 characters (256-bit). Keys: - ID: IRIS_SSO_ACCESS # required. Alg: EdDSA MaxAge: 2h # 2 hours lifetime for access tokens. Private: |+ -----BEGIN PRIVATE KEY----- MC4CAQAwBQYDK2VwBCIEIFdZWoDdFny5SMnP9Fyfr8bafi/B527EVZh8JJjDTIFO -----END PRIVATE KEY----- Public: |+ -----BEGIN PUBLIC KEY----- MCowBQYDK2VwAyEAzpgjKSr9E032DX+foiOxq1QDsbzjLxagTN+yVpGWZB4= -----END PUBLIC KEY----- - ID: IRIS_SSO_REFRESH # optional. Good practise to have it though. Alg: EdDSA # 1 month lifetime for refresh tokens, # after that period the user has to signin again. MaxAge: 720h Private: |+ -----BEGIN PRIVATE KEY----- MC4CAQAwBQYDK2VwBCIEIHJ1aoIjA2sRp5eqGjGR3/UMucrHbBdBv9p8uwfzZ1KZ -----END PRIVATE KEY----- Public: |+ -----BEGIN PUBLIC KEY----- MCowBQYDK2VwAyEAsKKAr+kDtfAqwG7cZdoEAfh9jHt9W8qi9ur5AA1KQAQ= -----END PUBLIC KEY----- # Example of setting a binary form of the encryption key for refresh tokens, # it could be a "string" as well. EncryptionKey: !!binary stSNLTu91YyihPxzeEOXKwGVMG00CjcC/68G8nMgmqA=