This topic has 2 replies, 2 voices, and was last updated 2 years, 8 months ago by [email protected].

  • Author
  • #27483


    does anyone know if the authorization code issued by AM is unique?



     Neil Madden

    Yes, they are unique. In older versions they are random UUIDs with about 122 bits of entropy. In newer AM they are 160-bit random values. (In both cases this is cryptographically secure randomness from a SecureRandom).

    It’s extremely unlikely that you’d ever see a duplicate value from either of these. You can read a little more about it here: (Note that the calculations for UUIDs are extreme numbers)


    Thanks for the precise answer!

Viewing 3 posts - 1 through 3 (of 3 total)

You must be logged in to reply to this topic.

©2022 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?