JSON Web Keypair Sets

JWK (JSON Web Key) is a standard that enables the definition of key materials for digital signatures and encryption in JSON format. JWK supports both symmetric and public/private key pairs and these keys can be used for a wide range of usage scenarios.

On Apinizer, you can create JWKs, or import an existing JWK to Apinizer using either a URL or the clipboard.

The picture below shows the JSON Web Keypair creation settings:

The fields used for JSON Web Keypair creation configuration are shown in the table below.

Field

Description

Name

A name can be given to a JWK to facilitate its usage and management.

Description

A description can be given to a JWK to facilitate its usage and management.

Source of JWK

Specifies the source from which JWK will be created. The available types are:

Generate
Retrieve via URL
Paste the content of the JWKs
Convert from Key Store
Convert from Public Key
Convert from Private Key
Convert from Certificate

If the JWK creation type is selected as Generate, the following fields become active:

Field	Description
Key Type	JWK type can be one of these: RSA: RFC 3447 (Public-Key Cryptography Standards PKCS) EC: Elliptic Curve (DSS) OCT: Octet Sequence (Symmetric Key) OKP: Octet Key Pair (RFC 8037) The algorithms/curve values are subject to variation based on these parameters.
Key Use	Identifies if the key is intended to be used for signature or encryption
Key Size	Key length in byte
Curve	JWK curve type
Algorithm	JWK algorithm
Key Id	This option specifies how the ID of the JWK to be created will be generated.

If the JWK creation type is selected as Retrieve via URL, the following fields become active:

Field	Description
URL	Access address of the JWK set is specified.
Connect Timeout	Connection timeout in milliseconds for the connection to the access address where the JWK set is located.
Read Timeout	Read timeout in milliseconds for the connection to the access address where the JWK set is located.
Size Limit	Maximum size of the data to be read from the access address where the JWK set is located, in bytes.
Key Id	ID of the desired JWK to be retrieved from the access address where the JWK set is located. Even if there are multiple JWKs available at the URL address, only one can be defined at a time on Apinizer.

If the JWK creation type is selected as Paste the content of the JWKs, the following fields become active:

Field	Description
JSON Web Keypair Set	This field is used to enter the text representation of the JWK set.
Key Id	This field is used to specify the ID of the JWK to be retrieved from the JWK set. Even if there are multiple JWKs in the text field, only one definition can be made on Apinizer at the same time.

If the JWK creation type is selected as Convert from Key Store, the following fields become active:

Field	Description
Key Store	This field is used to specify from which keystore the JWK will be created.
Environment From	This field is used to specify from which environment the JWK to be created will be created.
Key Store Algorithm	JWK Algorithm
Alias	The Key Id value of the JWK to be created is taken from here.
Use Type	Identifies if the key is intended to be used for signature or encryption.

If the JWK creation type is selected as Convert from Public Key, the following fields become active:

Field	Description
Public Key	This field is used to specify from which key the JWK will be created.
Environment From	This field is used to specify from which environment the JWK to be created will be created.
Key Store Algorithm	JWK Algorithm
Use Type	Identifies if the key is intended to be used for signature or encryption.

If the JWK creation type is selected as Convert from Private Key, the following fields become active:

Field	Description
Private Key	This field is used to specify from which key the JWK will be created.
Environment From	This field is used to specify from which environment the JWK to be created will be created.
Key Store Algorithm	JWK Algorithm
Use Type	Identifies if the key is intended to be used for signature or encryption

If the JWK creation type is selected as Convert from Certificate, the following fields become active:

Field	Description
Certificate	This field is used to specify from which certificate the JWK will be created.
Environment From	This field is used to specify from which environment the JWK to be created will be created.
Key Store Algorithm	JWK Algorithm
Use Type	Identifies if the key is intended to be used for signature or encryption