mirror of
https://github.com/logto-io/logto.git
synced 2024-12-16 20:26:19 -05:00
38ad63f9d4
to fit CHANGELOG markdown files
23 lines
944 B
Markdown
23 lines
944 B
Markdown
---
|
|
"@logto/cli": minor
|
|
---
|
|
|
|
**CLI**
|
|
|
|
**Rotate your private or secret key**
|
|
|
|
We add a new command `db config rotate <key>` to support key rotation via CLI.
|
|
|
|
When rotating, the CLI will generate a new key and prepend to the corresponding key array. Thus the old key is still valid and the service will use the new key for signing.
|
|
|
|
Run `logto db config rotate help` for detailed usage.
|
|
|
|
**Trim the private or secret key you don't need**
|
|
|
|
If you want to trim one or more out-dated private or secret key(s) from the config, use the command `db config trim <key>`. It will remove the last item (private or secret key) in the array.
|
|
|
|
You may remove the old key after a certain period (such as half a year) to allow most of your users have time to touch the new key.
|
|
|
|
If you want to remove multiple keys at once, just append a number to the command. E.g. `logto db config trim oidc.cookieKeys 3`.
|
|
|
|
Run `logto db config trim help` for detailed usage.
|