Topics tagged under "jwks" | FusionAuth Forum

Your browser does not seem to support JavaScript. As a result, your viewing experience will be diminished, and you have been placed in read-only mode.

Please download a browser that supports JavaScript, or enable it if it's disabled (i.e. NoScript).

V

Jwks doesn't have key to match kid or alg from JWT (client credentials token)

General Discussion
• jwks jwt keys client creds • • vlad.koshkarov

2

0
Votes

2
Posts

5.5k
Views

V

The tenant is using the "Default signing key (HS256)" for the access token.
G

Verification of ID Token using RSA public key

General Discussion
• rsa jwks verification validation client-library • • gokul.mahajan20

2

0
Votes

2
Posts

3.5k
Views

D

@gokul-mahajan20

Can you add ----BEGIN to the JWKS certs?
D

I imported a public key and am not seeing the kid in the jwks endpoint.

Q&A
• keys rsa jwks • • dan

2

0
Votes

2
Posts

2.7k
Views

D

We only publish keys that we can use for signing, so a public key all by itself will not be published via JWKS. If you import the entire key pair, it will be published on the JWKS endpoint.

You can also generate a keypair too.
D

My JWKS are always empty

Q&A
• api jwks keys • • dan

2

0
Votes

2
Posts

3.0k
Views

D

Symmetric keys are not returned on the JWKS endpoint, as they don't have a public key. Per the docs this api:

returns public keys generated by FusionAuth, used to cryptographically verify JWTs using the JSON Web Key format

If you create an RSA or EC key which is an asymmetric key pair - the public key will be returned on the JWKS endpoint. If you don’t have any key pairs configured , it will be empty. Out of the box, you’ll only have one HMAC key which we don’t publish in JWKS.

Jwks doesn't have key to match kid or alg from JWT (client credentials token)

Verification of ID Token using RSA public key

I imported a public key and am not seeing the kid in the jwks endpoint.

My JWKS are always empty