If we cannot get the private key when we choose RSA256 as the JWT signature algorithm

Hi, I’m trying to verify a JWT token on the server side, and I found a way here: GitHub - auth0/java-jwt: Java implementation of JSON Web Token (JWT). When verifying the token, the private key can be null. I’m simply curious how I can get the private key. Or is it not visible to us? Thanks.

For JWTs issued by the Auth0 service using the RSA256 approach, you will not be able to get access to the private key. This key is specific to your tenant and managed by the service on your behalf, so you will not have access to it.

You will only have access to the public key which you can use to validate the tokens.

1 Like
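
The setup described in the answer above, as an added example that is not part of the original thread or Auth0's own code: a server using auth0/java-jwt verifies an RS256 token with only the public key, passing `null` for the private key, and rejects a token signed by any other key. Assumptions: a locally generated key pair stands in for the tenant key held by the issuer, the issuer URL and subject are constructed values, and the `com.auth0:java-jwt` library is on the classpath.

```java
import com.auth0.jwt.JWT;
import com.auth0.jwt.JWTVerifier;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.exceptions.JWTVerificationException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;

public class VerifyWithPublicKeyOnly {
    // Constructed issuer value, used only for this demonstration.
    static final String ISSUER = "https://issuer.example/";

    static KeyPair newKeyPair() throws Exception {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        return gen.generateKeyPair();
    }

    // Issuer side: the only place where the private key is needed.
    static String sign(KeyPair kp) {
        Algorithm signer = Algorithm.RSA256(
                (RSAPublicKey) kp.getPublic(), (RSAPrivateKey) kp.getPrivate());
        return JWT.create().withIssuer(ISSUER).withSubject("user-123").sign(signer);
    }

    public static void main(String[] args) throws Exception {
        KeyPair issuerKeys = newKeyPair();   // stand-in for the issuer's key
        KeyPair otherKeys = newKeyPair();    // a key the server does not trust

        // Server side: public key only, private key is null.
        Algorithm verifyOnly = Algorithm.RSA256((RSAPublicKey) issuerKeys.getPublic(), null);
        JWTVerifier verifier = JWT.require(verifyOnly).withIssuer(ISSUER).build();

        // Token from the trusted issuer verifies without the private key.
        System.out.println("subject: " + verifier.verify(sign(issuerKeys)).getSubject());

        // Same claims, signed by a different private key: must be rejected.
        try {
            verifier.verify(sign(otherKeys));
            System.out.println("unexpected: token from untrusted key accepted");
        } catch (JWTVerificationException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```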
