Broadleaf makes use of private and public keys in services when signing and verifying the JWT tokens that are issued. This allows us to be sure that the tokens were issued by one of our services and have not been manipulated by a third party. The Generating Private and Public Keys for JWTs article will be a reference on a simple way to generate keys that are compatible with our services.
The following Updating Client Credentials guide will show you how to override the default credentials.
The Caching guide shows you how to enable the out-of-box Ignite caching mechanisms, how to identify & override each service’s relevant cache instances, & describes how enabling these caches will affect the memory footprint of your deployment. This guide also communicates how you would go about replacing the out-of-the-box Apache Ignite support with a different Spring Cache compatible cache implementation.