Skip to content

Comments

ATO-2208: new version 2 signing keys build#7878

Open
Louisasa wants to merge 6 commits intomainfrom
ATO-2208-new-new-signing-keys-build
Open

ATO-2208: new version 2 signing keys build#7878
Louisasa wants to merge 6 commits intomainfrom
ATO-2208-new-new-signing-keys-build

Conversation

@Louisasa
Copy link
Contributor

@Louisasa Louisasa commented Feb 22, 2026

Wider context of change

We want to rotating our external token signing keys again. As part of this we need to re-point our signing code at the new keys, so that we can use these new keys to sign our externally issued tokens. This adds a feature flag and enables it in dev/build.

What’s changed

  • Adds a new feature flag to control which keys we use to sign our new tokens
  • Conditionally signs our tokens using the new key depending on the flag

Manual testing

Checklist

  • Lambdas have correct permissions for the resources they're accessing.
  • Impact on orch and auth mutual dependencies has been checked.
  • Changes have been made to contract tests or not required.
  • Changes have been made to the simulator or not required.
  • Changes have been made to stubs or not required.
  • Successfully deployed to authdev or not required.
  • Successfully run Authentication acceptance tests against sandpit or not required.

Related PRs

#7867

@Louisasa Louisasa requested review from a team as code owners February 22, 2026 16:40
@sonarqubecloud
Copy link

sonarqubecloud bot commented Feb 22, 2026

Quality Gate Failed Quality Gate failed

Failed conditions
78.8% Coverage on New Code (required ≥ 80%)

See analysis details on SonarQube Cloud

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Louisasa