OpenID Connect JWKS Endpoint

This OpenID Connect endpoint is to request the key(s) The Identity Hub uses to sign and/or encrypt tokens. These can be used by the application to validate the ID tokens.

For more information see https://tools.ietf.org/html/draft-ietf-jose-json-web-key-41 and https://openid.net/specs/openid-connect-discovery-1_0.html

For Apps using the JWT Signing Certificate at tenant level

GET /{tenant}/oauth2/v1/certs

For Apps using a JWT Signing Certificate at app level

GET /{tenant}/oauth2/v1/certs/app/{appId}

Requesting the JWKS

Request

GET /{tenant}/oauth2/v1/certs

Example Response

{
  "keys": [
    {
      "kid": "bnUz0k7ozOei_7AaD_sQqJZ8NNw",
      "kty": "RSA",
      "use": "sig",
      "x5c": [ "MIIHYjCCBUqgAwIBAgIIOPotugl6EUMwDQYJKoZIhvcNAQELBQAwaTELMAkGA1UEBhMCVVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQKDA9TU0wgQ29ycG9yYXRpb24xHjAcBgNVBAMMFVNTTC5jb20gUlNBIFNTTCBzdWJDQTAeFw0xOTAxMTgxMTUwNTFaFw0xOTA0MTgxMTUwNTFaMCsxKTAnBgNVBAMMIGFzcG5ldGRlbW9hcHAudGhlaWRlbnRpdHlodWIuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzwLBMSgyMpkLm9phPFr0pygNgAyHf4+gCVUjdT033Hz3UqyjtWYK6DgTyz4+95FkpjtfJzG/xzjX9xQJyLDL2yShLwMkdtUyhOgNjO1oZbM0AzC3OLmljaz54Du3cR81RNeeg21nbHlMX36usdnbDX87/mKaLiUuJJCPoSTSLG8SmREdLrKnmosOsxoNKwI29V8vauOYfFRIfO+mFXKrBc/GCRKWbYkHOhjfpvJdrqw8Eg7XbtbA3g9hOoWtOWHRR4inQ9SaK1WszE0uO1moRunVYL+ix0o+y8U3HoCk7y1zObRWbtmr+Bcm8ADtkZdln+MNAyj1mlQTM+Ch7rewyQIDAQABo4IDSjCCA0YwHwYDVR0jBBgwFoAUJhR+4NzXpvfi1AQn32HxwuznMsowcQYIKwYBBQUHAQEEZTBjMD8GCCsGAQUFBzAChjNodHRwOi8vd3d3LnNzbC5jb20vcmVwb3NpdG9yeS9TU0xjb21SU0FTU0xzdWJDQS5jcnQwIAYIKwYBBQUHMAGGFGh0dHA6Ly9vY3Nwcy5zc2wuY29tMFEGA1UdEQRKMEiCIGFzcG5ldGRlbW9hcHAudGhlaWRlbnRpdHlodWIuY29tgiR3d3cuYXNwbmV0ZGVtb2FwcC50aGVpZGVudGl0eWh1Yi5jb20wUQYDVR0gBEowSDAIBgZngQwBAgEwPAYMKwYBBAGCqTABAQEFMCwwKgYIKwYBBQUHAgEWHmh0dHBzOi8vd3d3LnNzbC5jb20vcmVwb3NpdG9yeTAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwOgYDVR0fBDMwMTAvoC2gK4YpaHR0cDovL2NybHMuc3NsLmNvbS9TU0xjb21SU0FTU0xzdWJDQS5jcmwwHQYDVR0OBBYEFLkqmjW4laAs+B1jdnU3L4XStsSUMA4GA1UdDwEB/wQEAwIFoDCCAX4GCisGAQQB1nkCBAIEggFuBIIBagFoAHYAh3W/51l8+IxDmV+9827/Vo1HVjb/SrVgwbTq/16ggw8AAAFoYNXU+QAABAMARzBFAiEA4ec3sh4r60bjekkm/17A/0TXTkoJW01qYG0A+FTjOB4CIFmyk1wRZIwdiOWSklYcqboaWW5snwTa86absfJ/tUJgAHYApLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BAAAAFoYNXUeQAABAMARzBFAiARlqx/qROEbSSmyouoTMzBPdy48QH7qvsjnVPi4ByzbQIhAIiUyE/WZNAmvAEvPYTE3DNUQKQ4x8xGlFVxAEq5uSiCAHYAVYHUwhaQNgFK6gubVzxT8MDkOHhwJQgXL6OqHQcT0wwAAAFoYNXVHwAABAMARzBFAiEAm7X+/UtZo/CxKVOd4a8cBKH5jC3xHc9e0dXvxhunZTYCIG5SIEdPhry6k5CuSStK/CUaurldlOGR0sWMlMGhBRKuMA0GCSqGSIb3DQEBCwUAA4ICAQBoTRzhTa3avrImOqkd6dMAutv+ldy4BYAwFXuA9nXZAM9XZmyT6WcRU1VnvLypj66VUzTktkv+oL7+8XT4LOS8VB7mbgHIyQyVNvMo7eprZZuXE3jqVFcNfkhn77zkftKChDj7ZdXj4EYY+mqP9nxJxcpZaHhDRVw0vhHlao4ekJV1eRtO5nvgMgQ5CiAcXswbMab2+6lY6lS90urC1nqezaNDLwfmBz7a0cefgquW2IX1ArNjF/CKq9QYyDOZVrgZgcnmbMx7aU7Q1syb4UE+J1Wqtqqo5ig1VLGIdcMh5TuF3XafbOuIZxDhYmsgQWSZ5leuCg7R9wSjlZh9C1ae2knQaGWEbRgwyzYIBWO6bl0e/hTyASIn7nwWOPOglVfYbbSs0YdZQmCs/0fI/mCbaBXBoo0bNrW1/zAZy3MnKXfkoXA1qaXXxTP/+Sv0fasKnpY3KtrUgG9S5GyP0atSX7pFGeizcuakjGKTIB8EJt42G9mVDpg/Kdl+ldqJDKtkge5kgNcYzsurzWD/sJtSs6O3LG+vda3zbJZyhzpbAUFcGLMkc8ntuE50a/n4dFflHbgQ+tP8PRX/fOVOc51nYju/itTO2zKMNqgszpFgX7LZY9ugjEJUN9PUAFiX4qvq212L8MjBrlyEtkB71vaYtq02zJwXKrYYgxA0M0NTGA==" ],
      "x5t": "bnUz0k7ozOei_7AaD_sQqJZ8NNw"
    }
  ]
}