JWK (JSON Web Key) is a standard that enables the definition of key materials for digital signatures and encryption in JSON format. JWK supports both symmetric and public/private key pairs and these keys can be used for a wide range of usage scenarios.

On Apinizer, you can create JWKs, or import an existing JWK to Apinizer using either a URL or the clipboard.

The picture below shows the JSON Web Keypair creation settings:


The fields used for JSON Web Keypair creation configuration are shown in the table below.

Field

Description

Name

A name can be given to a JWK to facilitate its usage and management.

Description

A description can be given to a JWK to facilitate its usage and management.

Source of JWK

Specifies the source from which JWK will be created. The available types are:

  • Generate

  • Import from URL

  • Copy from clipboard

  • Convert from Keystore


If the JWK creation type is selected as "Generate", the following fields become active:

Field

Description

Key Type

JWK type can be one of these:

  • RSA: RFC 3447 (Public-Key Cryptography Standards PKCS)

  • EC: Elliptic Curve (DSS)

  • OCT: Octet Sequence (Symmetric Key)

  • OKP: Octet Key Pair (RFC 8037)

The algorithms/curve values are subject to variation based on these parameters.

Key Use

Identifies if the key is intended to be used for signature or encryption

Key Length

Key length in byte

Algoritm

JWK algorithm

Curve

JWK curve type

Key Id

This option specifies how the ID of the JWK to be created will be generated.


If the JWK creation type is selected as "Import from URL", the following fields become active:

Field

Description

URL

Access address of the JWK set is specified.

Connect Timeout

Connection timeout in milliseconds for the connection to the access address where the JWK set is located.

Read Timeout

Read timeout in milliseconds for the connection to the access address where the JWK set is located.

Size Limit

Maximum size of the data to be read from the access address where the JWK set is located, in bytes.

Key Id

ID of the desired JWK to be retrieved from the access address where the JWK set is located. Even if there are multiple JWKs available at the URL address, only one can be defined at a time on Apinizer.

If the JWK creation type is selected as "Copy from Clipboard", the following fields become active:

Field

Description

This field is used to enter the text representation of the JWK set.

Key Id

This field is used to specify the ID of the JWK to be retrieved from the JWK set. Even if there are multiple JWKs in the text field, only one definition can be made on Apinizer at the same time.

If the JWK creation type is selected as "Convert from Keystore", the following fields become active:

Field

Description

Key Store

This field is used to specify from which keystore the JWK will be created.

 

JWK Algorithm

If the JWK creation type is selected as "Generate from keystore", the "alias" value in the keystore is used as the Key Id.