class StytchB2B::Sessions
def get_jwks(
The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors.
status_code::
The type of this field is +String+.
Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue.
request_id::
The type of this field is list of +JWK+ (+object+).
The JWK
keys::
An object with the following fields:
== Returns:
The type of this field is +String+.
The `project_id` to get the JWKS for.
project_id::
== Parameters:
If you're using your own JWT validation library, many have built-in support for JWKS rotation, and you'll just need to supply this API endpoint. If not, your application should decide which JWKS to use for validation by inspecting the `kid` value.
If you're using one of our [backend SDKs](https://stytch.com/docs/b2b/sdks), the JWKS roll will be handled for you.
JWTs have a set lifetime of 5 minutes, so there will be a 5 minute period where some JWTs will be signed by the old JWKS, and some JWTs will be signed by the new JWKS. The correct JWKS to use for validation is determined by matching the `kid` value of the JWT and JWKS.
JWKS are rotated every ~6 months. Upon rotation, new JWTs will be signed using the new key set, and both key sets will be returned by this endpoint for a period of 1 month.
Get the JSON Web Key Set (JWKS) for a project.
def get_jwks( project_id: ) headers = {} query_params = {} request = request_with_query_params("/v1/b2b/sessions/jwks/#{project_id}", query_params) get_request(request, headers) end