---
title: How to Retrieve OIDC Issuer JWKS
url: https://docs.vultr.com/platform/iam/oidc/oidc-issuers/how-to-retrieve-oidc-issuer-jwks
description: Retrieve the JSON Web Key Set for an OIDC issuer in Vultr IAM. Access the public keys used to verify token signatures from the federated identity provider.
publish_date: 2026-03-24T19:52:52.089676Z
last_updated: 2026-04-28T15:37:46.303452Z
---

The JWKS (JSON Web Key Set) endpoint returns the public keys registered for an OIDC issuer. These keys are used to verify the signature of JWT tokens issued by the identity provider. External systems fetch this endpoint to validate tokens during authentication flows.

This guide explains how to retrieve an OIDC issuer's JWKS using the Vultr API.

1. Send a `GET` request to the [**List OIDC Issuers** endpoint](https://www.vultr.com/api/#tag/oidc/operation/list-oidc-issuers) to retrieve all issuers.

    ```console
    $ curl "https://api.vultr.com/v2/oidc/issuer" \
        -X GET \
        -H "Authorization: Bearer ${VULTR_API_KEY}"
    ```

    Note the `id` of the issuer whose JWKS you want to retrieve.

1. Send a `GET` request to the [**Retrieve OIDC Issuer JWKS** endpoint](https://www.vultr.com/api/#tag/oidc/operation/get-oidc-issuer-jwks). Replace `{issuer-id}` with the issuer id.

    ```console
    $ curl "https://api.vultr.com/v2/oidc/issuer/{issuer-id}/jwks" \
        -X GET
    ```

    The `keys` array contains the public keys in standard JWK format. Each key includes the key ID (`kid`), key type (`kty`), algorithm (`alg`), and the RSA public key components (`n` and `e`).