Overview of JWKS
JWKS (JSON Web Key Set) represents a set of cryptographic keys in JSON format.
It is mainly used in the context of OAuth 2.0 and OpenID Connect (OIDC) to expose public keys used for signature verification.
For example, ID providers like Auth0 and Cognito provide a JWKS endpoint,
and API servers fetch the public keys from this endpoint to verify JWT (JSON Web Token) signatures.
Structure of JWKS
A JWKS has a keys array, which contains individual key information (JWK).
{
"keys": [
{
"kty": "RSA",
"use": "sig",
"alg": "RS256",
"kid": "unique-key-id",
"n": "...",
"e": "AQAB"
}
]
}- kty: Key Type (e.g., RSA, EC)
- use: Public Key Use (e.g., sig = signature)
- kid: Key ID. Used to identify the key when multiple keys exist.
Generating JWKS with DevToolKits
You can use our JWKS Generator to generate RSA key pairs directly in your browser
and get both the JWKS JSON and the private key (PEM).
💡 Tip: It safely runs entirely within your browser without sending private keys to any server. Ideal for local development and testing.