I have various microservices. I have implemented security using JWT. Each service validates the JWT token by the key which is being shared across all the services.
Is it fine to share same signature key for JWT across all the microservices?
I can't implement this at the API gateway as I have to use certain libraries which requires spring security to be triggered in every microservice.