Retrieve the Tenant's Signing Certificate in JWK Format
get
/admin/v1/SigningCert/jwk
Request
There are no request parameters for this operation.
Back to TopResponse
Supported Media Types
- application/json
200 Response
Tenant's signing certificate in JWK format
Root Schema : SigningCertsJWK
Type:
object
Tenant's signing certificates in JWK format
Show Source
-
keys:
array keys
This field contains a list of the tenant's signing certificate keys.
Nested Schema : keys
Type:
array
This field contains a list of the tenant's signing certificate keys.
Show Source
-
Array of:
object keys
A complex attribute that represents the keys
Nested Schema : keys
Type:
object
A complex attribute that represents the keys
Show Source
-
alg:
string
Public key signing algorithm
-
e:
string
Public Key Exponent.
-
key_ops(optional):
array key_ops
This field contains a list of key operations.
-
kid:
string
Unique Key Identifier.
-
kty:
string
Key Type Parameter Value.
-
n:
string
Public key modulus
-
x5c:
array x5c
This field contains a list of the X.509 Certificate chain.
-
x5t:
string
X.509 Certificate SHA-1 Thumbprint - Base 64 URL Encoded
Nested Schema : key_ops
Type:
array
This field contains a list of key operations.
Show Source
-
Array of:
string
A simple attribute that represents the key operations.
Nested Schema : x5c
Type:
array
This field contains a list of the X.509 Certificate chain.
Show Source
-
Array of:
string
A simple attribute that represents the X.509 Certificate chain
Examples
A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. The following example shows how to retrieve the tenant's signing certificate in JWK format by submitting a GET request on the REST resource using cURL. The x.509 certificate chain parameter (x5c) returns the individual certificates within the certificate chain separately in Base64 format. For more information about cURL, see Use cURL.
cURL Command
Note:
The command in this example uses the URL structurehttps://tenant-base-url/resource-path
, where
tenant-base-url
represents the Identity Service URL, and the resource path represents the Identity Service API. See
Send Requests for the appropriate URL structure to use.
curl
-X GET
-H "Content-Type:application/json"
-H "Authorization: Bearer <Access Token Value>"
https://tenant-base-url/admin/v1/SigningCert/jwk
Example of Response Body
The following example shows the contents of the response body in JSON format:
{
"keys": [
{
"kty": "RSA",
"e": "AQAB",
"x5t": "wCAFGcBT8CeA4U2mYa4z3xg0-Zw",
"kid": "SIGNING_KEY",
"x5c": [
"MIIDQzCCAiugAwIBAgIGAU+7bWHIMA0GCSqGSIb3DQEBCwUAMFExGzAZBgNVBAoTEk9yYWNsZSBDb3Jwb3JhdGlvbjEhMB8GA1UECxMYaWRlbnRpdHkub3JhY2xlY2xvdWQuY29tMQ8wDQYDVQQDEwZHbG9iYWwwHhcNMTUwOTExMDgwMjMxWhcNMjUwOTExMDgwMjMxWjBRMRswGQYDVQQKExJPcmFjbGUgQ29ycG9yYXRpb24xITAfBgNVBAsTGGlkZW50aXR5Lm9yYWNsZWNsb3VkLmNvbTEPMA0GA1UEAxMGR2xvYmFsMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxWVFlx+E925RYQjPnKpKtHLqUonJMI1/xyM1f4Orly9RzpcaXX7ajEkgMAzffL3rsvBQkPLmO0vHIHs4KNdWoVUmbLZerjDdfLZQl3FZuXcZKXtzVOLyBVt2SNp/k23VgyGN7+8tiAJWC9SFIPBdWD8U2dxqM9izSEn9pvoMyR5iyaEoZepazJQPLysrF23g1/gI8Bo2EUAHdO5atfGfT2YQbZPSOBWiq09QYwMRBuI0Ye0TI3GwYs1x3/2LoporOj+fkYCl4ki4JK2ifwk+TA5o29cdNSuSoA7rTZL3u+dNw0c6OPxvnW6LtCn4RpieZTh7W2sYLg8ozBwd3PHNTwIDAQABoyEwHzAdBgNVHQ4EFgQUi9Fzo9g57klDG3Kv0nK+8IhbtrIwDQYJKoZIhvcNAQELBQADggEBAKx9sZvbGiQnbO/BfgdlXwloqwjZHT3Byr91Pqp0zXrdg/QaUMIOiJQ8A85d5ptccpgNrYzIukSdFUzRP0kugyNzdFXBZ9/muhSkiFBdfBBdEwqXprdZBHcwWng9t2iww4tvzVhw06ZcIYyGUo8/e8erXmiOt9WeFhi7utQg+gyKw01RvaP73ApCpMuQjxTh7QgQNh02Xo+1QStYLFGcv+ZqHhTZwqOndZiQ68t7JcbGaZmNMxKwR4Z1go+RZ+4Ffa8d9rH1OiXWNB6ukGawQdcfZWNlUWcA7ntRSCfKP5UeDcNpHBDCVZSTvnpAEB42jiTuRuWfuA5Lq0rTDxapmzI="
],
"alg": "RS256",
"n": "xWVFlx-E925RYQjPnKpKtHLqUonJMI1_xyM1f4Orly9RzpcaXX7ajEkgMAzffL3rsvBQkPLmO0vHIHs4KNdWoVUmbLZerjDdfLZQl3FZuXcZKXtzVOLyBVt2SNp_k23VgyGN7-8tiAJWC9SFIPBdWD8U2dxqM9izSEn9pvoMyR5iyaEoZepazJQPLysrF23g1_gI8Bo2EUAHdO5atfGfT2YQbZPSOBWiq09QYwMRBuI0Ye0TI3GwYs1x3_2LoporOj-fkYCl4ki4JK2ifwk-TA5o29cdNSuSoA7rTZL3u-dNw0c6OPxvnW6LtCn4RpieZTh7W2sYLg8ozBwd3PHNTw"
}
]
}