JSON Web Keypair Sets

JWK (JSON Web Key) is a standard that enables the definition of key materials for digital signatures and encryption in JSON format. JWK supports both symmetric and public/private key pairs and these keys can be used for a wide range of usage scenarios.

On Apinizer, you can create JWKs, or import an existing JWK to Apinizer using either a URL or the clipboard.

The picture below shows the JSON Web Keypair creation settings:

The fields used for JSON Web Keypair creation configuration are shown in the table below.

Field

Description

Name

A name can be given to a JWK to facilitate its usage and management.

Description

A description can be given to a JWK to facilitate its usage and management.

Source of JWK

Specifies the source from which JWK will be created. The available types are:

Generate
Import from URL
Copy from clipboard
Convert from Keystore

If the JWK creation type is selected as "Generate", the following fields become active:

Field	Description
Key Type	JWK type can be one of these: RSA: RFC 3447 (Public-Key Cryptography Standards PKCS) EC: Elliptic Curve (DSS) OCT: Octet Sequence (Symmetric Key) OKP: Octet Key Pair (RFC 8037) The algorithms/curve values are subject to variation based on these parameters.
Key Use	Identifies if the key is intended to be used for signature or encryption
Key Length	Key length in byte
Algoritm	JWK algorithm
Curve	JWK curve type
Key Id	This option specifies how the ID of the JWK to be created will be generated.

If the JWK creation type is selected as "Import from URL", the following fields become active:

Field	Description
URL	Access address of the JWK set is specified.
Connect Timeout	Connection timeout in milliseconds for the connection to the access address where the JWK set is located.
Read Timeout	Read timeout in milliseconds for the connection to the access address where the JWK set is located.
Size Limit	Maximum size of the data to be read from the access address where the JWK set is located, in bytes.
Key Id	ID of the desired JWK to be retrieved from the access address where the JWK set is located. Even if there are multiple JWKs available at the URL address, only one can be defined at a time on Apinizer.

If the JWK creation type is selected as "Copy from Clipboard", the following fields become active:

Field	Description
JSON Web Keypair Set	This field is used to enter the text representation of the JWK set.
Key Id	This field is used to specify the ID of the JWK to be retrieved from the JWK set. Even if there are multiple JWKs in the text field, only one definition can be made on Apinizer at the same time.

If the JWK creation type is selected as "Convert from Keystore", the following fields become active:

Field	Description
Key Store	This field is used to specify from which keystore the JWK will be created.
Key Store Algorithm	JWK Algorithm

If the JWK creation type is selected as "Generate from keystore", the "alias" value in the keystore is used as the Key Id.