Skip to content

JWKs

Trust registries support JWK verification using a list of trusted keys.

Not to be confused with JWK signing keys

Trust registry JWKs are used only for verifying third-party credentials against a list of trusted keys, not for credential issuance.

Supported JWK algorithms

  • RS256

  • RS384

  • RS512

  • ES256

  • ES384

  • EdDSA

FIPS mode

EdDSA is not available when operating in FIPS mode.

Usage

import { createJWK } from "@vaultie/document-rails";

const response = await createJWK(
    client,
    accessToken,
    organizationId,
    {
        jwk: {
            alg: "ES256",
            kty: "EC",
            crv: "P-256",
            x: "btw7rjzBUi83xUog9POEcQaYQHjaPy8D4rUFw1IBiIQ",
            y: "sufGyClKJViFAzC4oQInZbfU5zbrRWrgGGna3ELEfHs",
        },
    }
);