Where is the RSA public key?

kkrp1 · December 14, 2023, 1:42pm

I’m trying to understand how to validate an RS256 JWT. This guide says I need the RSA public key for this, which I can obtain from application > settings > advanced settings > certificates > signed certificate > public key.

But this field does not exist, at least for me. The fields under certificates that I have are:

signing certificate (contains a cert beginning -----BEGIN CERTIFICATE----
signing certificate fingerprint
signing certificate thumbprint

rueben.tiow · December 14, 2023, 9:06pm

Hi @kkrp1,

Thanks for reaching out to the Auth0 Community!

To verify the signature of a token from one of your applications in RS256,

We recommend that you get the Public Key from your tenant’s JWKS here: https://{yourDomain}/.well-known/jwks.json

Reference:

RS256 vs HS256 JWT signing algorithms

Please let me know if you have any questions.

Thanks,
Rueben

system · December 28, 2023, 9:07pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Verify RS256-signed JWT tokens Help oauth-2-0 , protocols	2	1544	March 29, 2023
Where is the Auth0 public key to be used in jwt.io to verify the signature of a RS256 token? Help auth0 , certificate , jwtio , rsa	6	40398	September 15, 2022
Unable to validate RSA256 access token Help rsa256 , verify-token	2	5009	March 2, 2018
How to validate the jwt on server? Help login-experience , new-universal-login-experience	2	2889	August 18, 2023
RSA256/JWKS JWT validation using Auth0's `java-jwt` and `jwks-rsa-java` Help java-jwt-support-doc	5	21696	October 17, 2022

Where is the RSA public key?

Related topics