/
Jwk
Jwk
- Kristoffer Kristoffer (Unlicensed)
Owned by Kristoffer Kristoffer (Unlicensed)
06 Apr 2020
Analytics
Loading data...
Jwk is a standard endpoint that returns the public part of keys used for signing. The keys are later used for token signature validations.
Overview
| URL | https://<oidc-baseurl>/protocol/openid-connect/certs |
|---|---|
| Request | GET without parameters |
| Authentication | None |
| Success response | 200 OK with JSON structure according to standard. |
| Error response | Applicable http code |
| Example | See below |
The recommended practise for merchants is to the Jwk URL from Openid-configuration rather than hardcoding the below URL value.
Example
The following example shows a request / response pair for the jwk endpoint
Request / Response
GET /auth/realms/preprod/protocol/openid-connect/certs HTTP/1.1
Host: oidc-preprod.bankidapis.no
Connection: close
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Postman-Token: 4020ad1f-2042-705d-6f30-af411ba995af
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.8
HTTP/1.1 200 OK
Date: Thu, 16 Nov 2017 12:16:14 GMT
Server: WildFly/10
Cache-Control: no-cache
X-Powered-By: Undertow/1
Content-Type: application/json
Content-Length: 462
Via: 1.1 oidc-preprod.bankidapis.no
Connection: close
{
"keys": [
{
"kid": "7VFZIZvRPNcYRQFTpD80uIhIiUPxYCdhKhR6nv2CBrg",
"kty": "RSA",
"alg": "RS256",
"use": "sig",
"n": "p1Z7qISnjzmtsg5C6wTolfmWgf7hRh6RMgqpeBxxMGvQRAjzvJmR_UMUXJgWoSpQIVW8UrsHTehLBlFfEbOpOeKhHNbmgysRHQTaMotKRuJCT2hCvNy_irL7_TWfg3vJk1TbDh4AS9n457ayQ-PaepfYXYHysRxtf2z_v5H6t1az1iMyJR9GhREw1P3O_bZNSwG4lwBuBeTmE7Ex4b0nI7A5IVoYfacyac-HSCHzGsstQR4sLpXypuqUrP64xDjJWSq8O3eyRx5ly7uBHSRLDIU6Sd94KlforOvJHIq35rDFlQXZsqhmTUmZnA2SdCrvc1MwyLOEmWIAk7xAcfHGIw",
"e": "AQAB"
}
]
}
, multiple selections available,