JWK set settings for an Authlete service

Preface


This article explains how to register a JWK set for an Authlete service.

Preparing a JWK set


First, this article assumes that you have prepared a JWK set in some way. The following example illustrates usage of mkjwk.org service to generate an ES256 key pair, and parameters specified for it. 
  • Key Type: EC (Elliptic Curve)
  • Curve: P-256
  • Key Use: Signing
  • Algorithm: ES256
  • Key ID: 1

Registering the JWK set via Service Owner Console


Copy the generated content in the "Public and Private Keypair Set" section, paste it to the service's "JWK Set Content" section in "JWK Set" tab and click "Update" button.

JWK Set Content

Now the JWK set has been registered in the service.

Registering the JWK set via Authlete API


You can use Authlete's service management APIs to register the JWK set instead of using the Web console described above. The following example illustrates how to make a request to /service/update API to specify the JWK set as a value of "jwks" key.

curl -X POST {Authlete API}/service/update/{Service API Key} \
-u {Service Owner API Key}:{Service Owner API Secret} \
-H 'content-type: application/json' \
-d '{ "jwks": "{\"keys\":[{\"kty\":\"EC\",\"d\":\"eb4BggIO87SUjzP1M56MeXj0NQajWBwpwiDq8yoL5n4\",\"use\":\"sig\",\"crv\":\"P-256\",\"kid\":\"2019-07-25_02\",\"x\":\"f8a6jovcRTNLDWi3_c62YcW_3ZN-GH1RkiVOZgSgIYI\",\"y\":\"EB3R8W12a3tgZfNer1RP0DizT3qpRybGw_krfsE0JzY\",\"alg\":\"ES256\"}]}"}'
How did we do with this article?