Hi @robcool • Thank you for reaching out.
In Azure AD B2C, you can roll over the keys periodically, or immediately in case of emergency for security purposes. The rollover frequency may vary depending on each organization's individual policy.
An Azure AD B2C key container can contain multiple keys. You can use the option highlighted below for this purpose. For auto rollover, you must set only one of those keys as active at any one point in time. When the current key's expiration time has elapsed and the key container contains a new key with valid not before and expiration times, the new key will become active automatically.
Read More: Azure AD B2C Key Rollover
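The auto rollover behaviour described in the answer can be checked ahead of time. This added example (not part of the original answer, and not Microsoft's code) audits a key container for a gap between one key's expiration and the next key's validity window. The `kid` values and timestamps are constructed, and the rule that a key is usable when `nbf <= t < exp` is an assumption.

```python
from typing import Optional

# Constructed sample container: kid values and Unix-second timestamps are made up.
SAMPLE_KEYS = [
    {"kid": "key-2023", "nbf": 1672531200, "exp": 1704067200},  # 2023-01-01 .. 2024-01-01
    {"kid": "key-2024", "nbf": 1701388800, "exp": 1735689600},  # 2023-12-01 .. 2025-01-01
    {"kid": "key-2026", "nbf": 1767225600, "exp": 1798761600},  # 2026-01-01 .. 2027-01-01
]


def valid_at(key: dict, t: int) -> bool:
    # Assumption: a key is usable from its not-before time up to its expiration.
    return key["nbf"] <= t < key["exp"]


def successor(keys: list, t: int) -> Optional[dict]:
    # Among the keys valid at time t, take the one that expires last,
    # since that is the one that extends coverage furthest.
    candidates = [k for k in keys if valid_at(k, t)]
    return max(candidates, key=lambda k: k["exp"], default=None)


def audit_rollover(keys: list, now: int) -> dict:
    """Follow the container from `now`, jumping to each key's expiration and
    looking for a key that is valid at that instant (the rollover condition)."""
    chain, t = [], now
    while (key := successor(keys, t)) is not None:
        chain.append(key["kid"])
        t = key["exp"]  # strictly increases, so the loop terminates
    # Keys that only become valid after coverage ends mark the far side of a gap.
    later = [k["nbf"] for k in keys if k["nbf"] > t]
    return {
        "chain": chain,                       # keys in the order they take over
        "covered_until": t,                   # first instant with no valid key
        "gap_until": min(later, default=None) # when the next key starts, if any
    }


if __name__ == "__main__":
    report = audit_rollover(SAMPLE_KEYS, now=1685577600)  # 2023-06-01
    print(report)
```

A non-empty `gap_until` means a key was uploaded but its not-before time falls after the previous key expires, so no key would be valid during that window.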