Skip to main content

Fire Arrow 2.5.1

· One min read
Till Gerken
Till Gerken
CTO

Fire Arrow 2.5.1 has been released.

  • (bugfix) Refresh Azure Identity key stores on every request

Azure Identity is a variant of the OAuth authentication method. Fire Arrow uses it to authenticate backend services. To validate incoming requests, authentication tokens are cryptographically validated against public keys found in a key store. An implementation difference between OAuth and Azure Identity caused the key stores not to be refreshed for every incoming request, which led to a situation where a client signed their token with a newer key than was known to Fire Arrow.

This release ensures that the key store is always up to date before validating incoming tokens.