Overview

Janssen Server supports /jwks metadata endpoint and publishes its JSON Web Key Set (JWKS) at this endpoint. This endpoint publishes signing keys as well as encryption keys used by Janssen Server. RP can use these keys to validate signatures from Janssen Server, and also to perform encryption and decryption. Like other metadata endpoints, this is not a secure endpoint. Further details on this endpoint and JWKs can be found in OpenID Connect Discovery specification.

URL to access jwks endpoint on Janssen Server is listed in the response of Janssen Server's well-known configuration endpoint given below.

https://janssen.server.host/jans-auth/.well-known/openid-configuration

jwks_uri claim in the response specifies the URL for jwks endpoint. By default, the jwks endpoint looks like below:

https://janssen.server.host/jans-auth/restv1/jwks

This endpoint is always enabled and can not be disabled using feature flags.

Configuration Properties

End session endpoint can be further configured using Janssen Server configuration properties listed below. When using Janssen Text-based UI(TUI) to configure the properties, navigate via Auth Server->Properties.

• jwksUri
• jwksAlgorithmsSupported
• mtlsJwksUri

Want to contribute?

If you have content you'd like to contribute to this page in the meantime, you can get started with our Contribution guide.

---

Last update: 2023-08-03
Created: 2023-01-09