JWKS endpoints
These two endpoints are used to retrieve the public keys to verify any access token
issued by our authorization server (iss=nopwd.io).
Nopwd uses the JSON Web Key (JWK) specification to represent the cryptographic keys used for signing P256 tokens. This specification defines two high-level data structures: JSON Web Key (JWK) and JSON Web Key Set (JWKS)
Public key is in the JWKS Format so you can verify the signature for all generated access token
.
Method | Ressources | Purpose |
---|---|---|
GET | /jwks/:kid | Returns a specific JSON Web Key (JWK) |
GET | /jwks | Returns a set of JSON Web Key (JWK) |
GET /jwks/:kid
Returns a JWK identified by its kid
.
Parameters
Param | Type | Mandatory | Description |
---|---|---|---|
:kid | Path | Yes | represents the unique identifier for the signing key |
Response
Response Codes
Code | Description |
---|---|
200 | You did great. |
404 | This key doesn’t exist or has been revoked. |
Usage
GET /jwks
Returns all valid JSON Web Keys (JWK).
Response
Response Codes
Code | Description |
---|---|
200 | You did great. |