JWKS setup
Last updated
Was this helpful?
Last updated
Was this helpful?
To securely validate a signed JWT, it is recommended to use .
The application must ensure that the generated key pair is translated into format. One or more JWK objects are then offered under a JWKS endpoint: https://YOUR_DOMAIN/path-to/jwks.json
.
Because the public keys are now available under a fixed URL, a key can be revoked or rotated with ease.