JWKS Endpoints
These endpoints allow you to retrieve the public keys needed to verify any access token
issued by our authorization server (iss=nopwd.io).
Nopwd uses the JSON Web Key (JWK) specification to represent the cryptographic keys used for signing P256 tokens. This specification defines two high-level data structures: JSON Web Key (JWK) and JSON Web Key Set (JWKS). The public key is in the JWKS Format, enabling you to verify the signature of all generated access tokens
.
Method | Resource | Purpose |
---|---|---|
GET | /jwks/:kid | Returns a specific JSON Web Key (JWK) |
GET | /jwks | Returns a set of JSON Web Keys (JWKS) |
GET /jwks/:kid
Returns a JWK identified by its kid
.
Parameters
Param | Type | Mandatory | Description |
---|---|---|---|
:kid | Path | Yes | The unique identifier for the signing key |
Response
Response Codes
Code | Description |
---|---|
200 | Request was successful. |
404 | The key doesn’t exist or has been revoked. |
Usage
GET /jwks
Returns all valid JSON Web Keys (JWKs).
Response
Response Codes
Code | Description |
---|---|
200 | Request was successful. |