Each key ID (
kid) can only be registered once. Choose either direct or well-known registration for each unique key.Body
The type of key registration. One of
direct or well_knownContact email for the key registration.
The JSON Web Key object. Required for direct registration, null for well-known.
URL to your JWKS endpoint. Required for well-known registration, null for direct.
Well-Known Endpoint Requirements
If usingtype: "well_known", your endpoint must return a JWKS that meets these requirements:
- Must have a top-level field named
keysthat has a list as its value. - For a JWK (an item in list of
keys) to be valid the following must be met:- JWK must be an object
- JWK must have a field named
ktyand it must be equal toRSA - JWK must have a field
nand it must be a string that is validnfor a JWK in accordance to the RFC - JWK must have a field
eand it must be a string that is validefor a JWK in accordance to the RFC - JWK can optionally have a field named
algbut if it is provided the value must beRSA-OAEP-256 - JWK must have a field
kidand it must be a string that is a valididwhich will be passed ascidwhen making requests to Method