Why do I need a private key to verify a JWT?

tyf · March 16, 2024, 1:03am

Thanks for following up on this - I agree the language there is a bit confusing FWIW if you are using RS256 jwt.io should automatically verify the signature for you without having to paste in your public key at all. It does this by using the issuer iss claim to call the jwks endpoint and use the public key from there.

Topic		Replies	Views
RS256 vs HS256 What's the difference? Blog Discussions	4	2476	May 5, 2023
If we can not get the private key when use choose RSA256 as JWT signature algorithm JWT.io private-key	2	8340	March 28, 2019
Where is the Auth0 public key to be used in jwt.io to verify the signature of a RS256 token? Get Help auth0 , certificate , jwtio , rsa	6	41901	September 15, 2022
Why does the token change when private key is entered in verify signature? JWT.io jwt , api	5	265	August 6, 2024
Java-jwt - How to supply RSA keys? Get Help	2	1658	June 20, 2023

Why do I need a private key to verify a JWT?

Related topics