Abstract

Authentication of tokens and associated are used to provide a just-in-time key synchronization for user access to a service in a cloud computing environment which includes a plurality of availability zones with an identity service, a storage system, and a keystore. The encryption keys are distributed by the storage system based on a user access request containing a token with a payload and a current user cryptographic key. The token is then sent to the keystore to authenticate the user. The keystore authenticates the user and sends the token with the current cryptographic key to the storage system. The storage system receives the token with the current cryptographic key and grants access to the user for the service.