Where is the RSA public key?

kkrp1 · December 14, 2023, 1:42pm

I’m trying to understand how to validate an RS256 JWT. This guide says I need the RSA public key for this, which I can obtain from application > settings > advanced settings > certificates > signed certificate > public key.

But this field does not exist, at least for me. The fields under certificates that I have are:

signing certificate (contains a cert beginning -----BEGIN CERTIFICATE----
signing certificate fingerprint
signing certificate thumbprint

rueben.tiow · December 14, 2023, 9:06pm

Hi @kkrp1,

Thanks for reaching out to the Auth0 Community!

To verify the signature of a token from one of your applications in RS256,

We recommend that you get the Public Key from your tenant’s JWKS here: https://{yourDomain}/.well-known/jwks.json

Reference:

RS256 vs HS256 JWT signing algorithms

Please let me know if you have any questions.

Thanks,
Rueben

system · December 28, 2023, 9:07pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Verify RS256-signed JWT tokens Help oauth-2-0 , protocols	2	1527	March 29, 2023
Where is the Auth0 public key to be used in jwt.io to verify the signature of a RS256 token? Help auth0 , certificate , jwtio , rsa	6	40265	September 15, 2022
Verifying RS256 token using downloaded certificate Help token , jwks , rs256 , certificate	8	4931	March 2, 2018
To visually verify RS256-signed tokens Help oauth-2-0 , protocols	2	109	June 26, 2024
How to verify signature in the debugger for RS256? JWT.io jwt-debugger , jwtio	2	5071	August 27, 2019

Where is the RSA public key?

Related Topics