Welcome to the JWKS Catalog
The JWKS Catalog is a centralized, open resource designed for developers and security professionals to easily locate, compare, and evaluate public JSON Web Key Set (JWKS) endpoints from popular services. This site aggregates key endpoints from well-known providers to simplify the discovery of cryptographic keys used in modern authentication systems.
Catalog Purpose
- Simplification and Comparison: Quickly find and compare the implementation of JWKS endpoints across different providers.
- Reference and Research: Use this catalog to understand how various popular services implement token validation and key distribution.
- Community Driven: Contributions are welcome! Add or update entries for any public-facing, popular sites by submitting the relevant JWKS and OIDC configuration endpoints on GitHub.
Understanding the Endpoints
This catalog features two types of endpoints:
- OpenID Connect (OIDC) Endpoints
-
OIDC endpoints provide configuration information as defined in the
RFC 8414.
They offer a discovery mechanism for client applications to obtain necessary configuration data for authentication.
Note: Not all services expose a full OIDC configuration endpoint; in such cases, only the JWKS endpoint may be available. - JWKS Endpoints
- JSON Web Key Set endpoints, standardized in RFC 7517, allow clients to retrieve public keys used to verify the signatures of tokens (such as JWTs). These keys are critical for ensuring token integrity and authenticity.