How exactly does the self-hosted integration runtime authenticate itself to Azure Data Factory in the backend?

There are multiple articles online that describe the process of setting up a self-hosted integration runtime, and I understand we need to copy the authentication key provided by ADF and use it when registering the integration runtime on the self-hosted machine.

But I would like to understand:

(1) More details on how this handshake actually happens? Does the auth key have a certificate thumbprint?

(2) Does this key get refreshed to ensure better security?

There is 1 best solution below

(1) More details on how this handshake actually happens? Does the auth key have a certificate thumbprint?

Two main statements:

1. The self-hosted integration runtime node encrypts the credentials by using the Windows Data Protection Application Programming Interface (DPAPI) and saves the credentials locally.

2. Azure Data Factory communicates with the self-hosted integration runtime via a control channel that uses a shared Azure Service Bus Relay connection.

Actually, you could get more details about the Self-Hosted Command flow, especially points No. 3 and No. 4.

(2) Does this key get refreshed to ensure better security?

Based on my investigations, there is no evidence that the auth key will be refreshed. If you are concerned about security anyway, you could refresh it manually yourself.
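
The manual refresh mentioned in the answer above can be scripted. The following is an added example, not part of the original answer: it regenerates both authentication keys with the Az.DataFactory cmdlets and confirms each one changed by comparing short SHA-256 fingerprints instead of printing the keys. It assumes an authenticated Az PowerShell session; the resource names are placeholders and `Get-KeyFingerprint` is a helper defined here.

```powershell
# Added example: rotate both auth keys of a self-hosted integration runtime.
# Assumes the Az.DataFactory module and an authenticated session (Connect-AzAccount).
# The three resource names below are placeholders, not values from the page.
$ir = @{
    ResourceGroupName = '<resource-group>'
    DataFactoryName   = '<data-factory>'
    Name              = '<self-hosted-ir>'
}

# Hypothetical helper: short SHA-256 prefix so keys can be compared in logs
# without ever echoing the key material itself.
function Get-KeyFingerprint([string]$Key) {
    $sha = [System.Security.Cryptography.SHA256]::Create()
    try {
        $hash = $sha.ComputeHash([System.Text.Encoding]::UTF8.GetBytes($Key))
        return ([System.BitConverter]::ToString($hash) -replace '-', '').Substring(0, 12)
    } finally {
        $sha.Dispose()
    }
}

# Snapshot of the current keys, kept only in memory for the comparison.
$before = Get-AzDataFactoryV2IntegrationRuntimeKey @ir

foreach ($keyName in 'AuthKey1', 'AuthKey2') {
    # Regenerate one key at a time; -Force suppresses the confirmation prompt.
    New-AzDataFactoryV2IntegrationRuntimeKey @ir -KeyName $keyName -Force | Out-Null

    # Re-read the keys and fail loudly if the value did not change.
    $after = Get-AzDataFactoryV2IntegrationRuntimeKey @ir
    if ($after.$keyName -eq $before.$keyName) {
        throw "$keyName was not regenerated"
    }

    # Log fingerprints only, never the key.
    '{0}: {1} -> {2}' -f $keyName,
        (Get-KeyFingerprint $before.$keyName),
        (Get-KeyFingerprint $after.$keyName)
}
```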