Retrieve the JSON Web Key Set for an OIDC issuer in Vultr IAM. Access the public keys used to verify token signatures from the federated identity provider.
The JWKS (JSON Web Key Set) endpoint returns the public keys registered for an OIDC issuer. These keys are used to verify the signature of JWT tokens issued by the identity provider. External systems fetch this endpoint to validate tokens during authentication flows.
This guide explains how to retrieve an OIDC issuer's JWKS using the Vultr API.
Send a GET request to the List OIDC Issuers endpoint to retrieve all issuers.
$ curl "https://api.vultr.com/v2/oidc/issuer" \
-X GET \
-H "Authorization: Bearer ${VULTR_API_KEY}"
Note the id of the issuer whose JWKS you want to retrieve.
Send a GET request to the Retrieve OIDC Issuer JWKS endpoint. Replace {issuer-id} with the issuer id.
$ curl "https://api.vultr.com/v2/oidc/issuer/{issuer-id}/jwks" \
-X GET
The keys array contains the public keys in standard JWK format. Each key includes the key ID (kid), key type (kty), algorithm (alg), and the RSA public key components (n and e).