Skip to main content
The Get User JWKs endpoint allows you to retrieve JSON Web Keys (JWKs) used to verify the signatures of tokens issued by the authentication service. JWKs are a JSON-based data structure representing cryptographic keys and are commonly used in secure applications to ensure token integrity. To retrieve the JWKs, make a GET request to the following endpoint: 
curl --request GET \
  --url https://dev-iam.razi.ai/v1/authentication/token/jwks \
  --header 'X-App-Name: '
If the request is successful, the server will return a JSON object containing one or more keys. Each key in the keys array represents a public key used to verify tokens. 
{
  "keys": [
    {
      "alg": "ES256",
      "crv": "P-256",
      "kid": "key1",
      "kty": "EC",
      "use": "sig",
      "x": "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_",
      "y": "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_"
    }
  ]
}

Response Fields

keys: An array of key objects, where each object contains the following fields:
  • alg: The algorithm used with the key. In this example, ES256 stands for the ECDSA algorithm using the P-256 curve and SHA-256 hash function.
  • crv: The curve parameter for elliptic curve keys. Here, P-256 specifies the NIST P-256 curve.
  • kid: The key ID, which is a unique identifier for the key.
  • kty: The key type, which indicates the cryptographic algorithm family used by the key. For instance, EC stands for elliptic curve.
  • use: The intended use of the key, such as sig for signature verification.
  • x and y: The public key coordinates for elliptic curve keys, representing the X and Y coordinates on the curve.
Link to Playground