JWKS

JWK set settings for an OAuth / OIDC client
​
In order to verify a signature of request objects coming from a client, or to provide encrypted ID tokens to a client, you have to register the client's public key to IDPartner for signature verification and/or message encryption.
The following example illustrates the usage of mkjwk.org service to generate a key pair for encryption.
​
By clicking “Generate” button, the tool shows the generated keys in various formats. We will use “Public and Private Keypair Set” in this example.
​
​
​
The original JWK set is as follows.

{
    "keys": [
        {
            "kty": "EC",
            "d": "4AEnTq3H8gcIutIoJCCZuv9GgWdKRaoJIXQkdM8r0UA",
            "use": "enc",
            "crv": "P-256",
            "kid": "_agec7UaYVN4c3RZQJQhUuR6nFSnqEXywv3QaIfFRFk",
            "x": "ilLNQ-Lcp_t5DBs9puJVI3JhwqlMndTILjkBrNd3Dsc",
            "y": "3Uy7NIHilkOWviGXMRIl2ZUE4L7Mc8ub4VhosE3l8t8"
        }
    ]
}

Remove a private key below.

"d": "4AEnTq3H8gcIutIoJCCZuv9GgWdKRaoJIXQkdM8r0UA",

The result is as follows.
{
    "keys": [
        {
            "kty": "EC",
            "use": "enc",
            "crv": "P-256",
            "kid": "_agec7UaYVN4c3RZQJQhUuR6nFSnqEXywv3QaIfFRFk",
            "x": "ilLNQ-Lcp_t5DBs9puJVI3JhwqlMndTILjkBrNd3Dsc",
            "y": "3Uy7NIHilkOWviGXMRIl2ZUE4L7Mc8ub4VhosE3l8t8"
        }
    ]
}

This JSON document is to be used as a JWK set of the client's public key.
​
Registering Your App
Building Your App
Last modified 7mo ago