> ## Documentation Index
> Fetch the complete documentation index at: https://docs.methodfi.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Get Method JWKS

Retrieves Method's complete JSON Web Key Set (JWKS) containing all public keys used for Message Level Encryption. This endpoint returns all of Method's public keys that you can use to encrypt your requests.

<Note>
  This endpoint returns **Method's** public keys (used for encrypting your requests), not your own registered keys. To manage your own keys, use the [Team JWKS API](/2026-03-30/reference/teams/mle/overview).
</Note>

## Caching

This endpoint includes cache control headers to optimize performance:

```
Cache-Control: public, max-age=3600
```

You should respect these cache headers and cache the response for up to 1 hour to reduce unnecessary requests.

## Key Lifecycle

* **Active Keys**: Use keys with `status: "active"` for encryption
* **Deprecated Keys**: Keys with `status: "deprecated"` will be removed after 90 days
* **Key Identification**: Method JWKs always have their `kid` equal to their `id`

<Warning>
  Always use keys with `status: "active"`. Deprecated keys will be removed from the system after 90 days.
</Warning>

## Returns

Returns a JWKS object containing an array of Method's public keys with their current status and metadata.

<RequestExample>
  ```bash cURL theme={null}
  curl https://production.methodfi.com/.well-known/jwks.json
  ```

  ```javascript Node.js theme={null}
  const response = await fetch('https://production.methodfi.com/.well-known/jwks.json');

  const result = await response.json();
  ```

  ```python Python theme={null}
  import requests

  response = requests.get('https://production.methodfi.com/.well-known/jwks.json')

  result = response.json()
  ```
</RequestExample>

<ResponseExample>
  ```json Response theme={null}
  {
    "keys": [
      {
        "id": "mthd_jwk_12",
        "kid": "mthd_jwk_12",
        "kty": "RSA",
        "use": "enc",
        "alg": "RSA-OAEP-256",
        "n": "s3C9N7Vz...J7c",
        "e": "AQAB",
        "status": "active",
        "created_at": "2024-01-15T10:30:00Z", 
        "updated_at": "2024-01-15T10:30:00Z"
      },
      {
        "id": "mthd_jwk_11",
        "kid": "mthd_jwk_11", 
        "kty": "RSA",
        "use": "enc",
        "alg": "RSA-OAEP-256",
        "n": "x9D2M8Qw...K9f",
        "e": "AQAB",
        "status": "deprecated",
        "created_at": "2024-01-01T08:15:00Z",
        "updated_at": "2024-01-15T10:30:00Z"
      }
    ]
  }
  ```
</ResponseExample>

## Best Practices

* **Cache Responses**: Respect the `Cache-Control` header and cache responses for up to 1 hour
* **Use Active Keys**: Always filter for keys with `status: "active"` when selecting keys for encryption
* **Handle Multiple Keys**: Your application should be able to handle multiple active keys
* **Monitor Webhooks**: Subscribe to `method_jwk.create` and `method_jwk.update` webhooks to stay informed of key changes
* **Graceful Degradation**: Implement fallback logic for when preferred keys become deprecated

## Environment-Specific Endpoints

Method's JWKS endpoints are environment-specific:

* **Production**: `https://production.methodfi.com/.well-known/jwks.json`
* **Sandbox**: `https://sandbox.methodfi.com/.well-known/jwks.json`
* **Development**: `https://dev.methodfi.com/.well-known/jwks.json`