JSON Web Key Set (JWKS) Endpoint

The JWKS endpoint provides the public keys used to verify the signatures on JSON Web Tokens (JWTs) issued by the authorization server. This endpoint is crucial for clients to validate the authenticity of tokens they receive.

  • Base URL: https://apx.didit.me
  • Endpoint: /auth/config/jwks
  • Method: GET

Request

This endpoint doesn't require any parameters or authentication.

Example Request

GET /auth/config/jwks HTTP/1.1
Host: apx.didit.me

Response

Returns a JSON object containing a set of JSON Web Keys (JWK), which are public keys used to verify the signature on JWTs.

Example Response

{
  "keys": [
    {
      "crv": "secp256r1",
      "kty": "EC",
      "x": "N2i3CQilcOi7CtTRrBbu22gJE74p5vfdMfcxCYBiQbA",
      "y": "Hk4rrc5JRV3UKge2Hcf2OVbwAgvIYjCtprdjR2ZhUXs"
    }
  ]
}

Response Fields

  • keys: An array of JSON Web Key (JWK) objects. Each object represents a public key and contains the following fields:
    • kty: The key type. In this case, "RSA".
    • e: The exponent for the RSA public key.
    • kid: The key ID, a unique identifier for this key.
    • n: The modulus for the RSA public key.

The kid (Key ID) is particularly important. It's used to identify which key should be used to verify a specific JWT. The kid in the JWK should match the kid in the header of the JWT being verified.

Error Responses

This endpoint typically only returns a 200 OK response with the JWKS JSON. However, in case of errors:

  • 405 Method Not Allowed: If any HTTP method other than GET is used.

Example Error Response

{
    "error": "method_not_allowed",
    "error_description": "HTTP method is not allowed. Only GET and OPTIONS may be used."
}

Code Example

const fetchJWKS = async () => {
  const jwksUrl = 'https://apx.didit.me/auth/config/jwks';
 
  try {
    const response = await fetch(jwksUrl);
 
    if (!response.ok) {
      throw new Error(`HTTP error! status: ${response.status}`);
    }
 
    const jwks = await response.json();
    console.log('JWKS:', jwks);
    return jwks;
  } catch (error) {
    console.error('Error fetching JWKS:', error);
    throw error;
  }
};

The JWKS endpoint should be called periodically to retrieve the latest public keys. Keys may be rotated for security reasons, so it's important to keep your local cache of keys up to date.
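The kid matching and periodic refresh described above can be combined in one client-side helper. This is an added example, not Didit's code: `decodeHeader`, `selectKey`, `JwksCache`, the algorithm allow-list and the timing defaults are all assumptions. Because the sample response above shows an EC key with no kid while the field list describes RSA keys with a kid, the selector handles both cases.

```javascript
// Added example (not Didit code): kid-based key selection plus a
// rotation-aware JWKS cache. Signature verification itself is not shown.
const ALG_TO_KTY = new Map([['ES256', 'EC'], ['RS256', 'RSA']]); // assumed allow-list

// Decode the (still unverified) JWT header: use it only to choose a key.
function decodeHeader(jwt) {
  const seg = String(jwt).split('.')[0].replace(/-/g, '+').replace(/_/g, '/');
  return JSON.parse(atob(seg));
}

// Return the JWK that may verify this header, or null if none fits.
function selectKey(jwks, header) {
  const kty = ALG_TO_KTY.get(header.alg); // rejects "none" and unknown algs
  if (!kty) throw new Error(`alg not allowed: ${header.alg}`);
  // Matching kty to alg blocks algorithm confusion between RSA and EC keys.
  const fits = jwks.keys.filter((k) => k.kty === kty && (!k.use || k.use === 'sig'));
  if (header.kid !== undefined) return fits.find((k) => k.kid === header.kid) || null;
  // Token without kid: acceptable only when exactly one key could apply.
  return fits.length === 1 ? fits[0] : null;
}

class JwksCache {
  // fetchJwks: async () => JWKS object, e.g. the page's fetchJWKS.
  constructor(fetchJwks, { ttlMs = 3600000, minRefetchMs = 60000, now = Date.now } = {}) {
    Object.assign(this, { fetchJwks, ttlMs, minRefetchMs, now });
    this.jwks = null;
    this.fetchedAt = -Infinity;
  }

  async refresh() {
    const jwks = await this.fetchJwks();
    if (!jwks || !Array.isArray(jwks.keys)) throw new Error('malformed JWKS');
    this.jwks = jwks;
    this.fetchedAt = this.now();
  }

  async keyFor(jwt) {
    const header = decodeHeader(jwt);
    if (this.now() - this.fetchedAt > this.ttlMs) await this.refresh();
    let key = selectKey(this.jwks, header);
    // Unknown kid can mean the keys rotated: refetch, but at most once per
    // minRefetchMs so tokens with made-up kids cannot trigger a fetch each.
    if (!key && this.now() - this.fetchedAt >= this.minRefetchMs) {
      await this.refresh();
      key = selectKey(this.jwks, header);
    }
    if (!key) throw new Error('no matching key in JWKS');
    return key;
  }
}
```

Wire it to the page's fetcher with `new JwksCache(fetchJWKS)`; the JWK it returns still has to be used to verify the token's signature.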