JWKS Endpoint
JWKS (JSON Web Key Set)
Endpoint:
GET /relid/authserver/.well-known/jwks.json
Description:
Retrieves the set of public keys used by the AuthServer to sign and verify JWTs. These keys can be used by clients to validate ID tokens and access tokens issued by the AuthServer.
🔐 Authentication
No authentication required.
📥 Request Headers
No headers required.
📥 Query Parameters
No query parameters.
📤 Request Body
No request body.
📬 Response Fields
| Field | Type | Description |
|---|---|---|
keys | array | Array of JSON Web Keys |
keys[].kty | string | Key type (e.g., RSA) |
keys[].kid | string | Key ID – unique identifier for the key |
keys[].n | string | Public key modulus (base64url encoded) |
keys[].e | string | Public key exponent (base64url encoded) |
📘 Example Request (cURL)
curl 'https://auth.relid.com:8006/relid/authserver/.well-known/jwks.json' \
-X GET \
-H 'Accept: application/json'📘 Example Response
{
"keys": [
{
"kty": "RSA",
"kid": "c4ceb980-7d42-11e9-8f9e-2a86e4085a59",
"n": "zsLPyV8rILI1R3L0Gr_-... (modulus)",
"e": "AQAB"
}
]
}📝 Notes
- These keys are used to validate tokens (e.g.,
id_token) issued by the AuthServer. - Your JWT library must support RS256 (or the algorithm used) to use these keys for verification.
Updated 3 months ago