As a web developer working with OAuth2 or OpenID Connect (OIDC), youโve likely encountered JWKS (JSON Web Key Set). While services like Auth0 or Cognito handle this for you, setting up a local mock server or testing JWT verification often requires generating your own key sets.
Let's be honest: Running complex OpenSSL commands to extract Modulus ($n$) and Exponent ($e$) just to manually build a JSON object is a pain.
Thatโs why I built a simple, browser-based JWKS Generator.
What is this tool?
Itโs a utility within devtoolkits.app that generates RSA key pairs and formats them into JWKS and PEM instantly.
Key Features
- Instant RSA Generation: Choose between 2048 or 4096 bits.
- Full JWKS Output: Includes
kid,alg, anduseparameters ready to be used in your/.well-known/jwks.json. - Private Key (PEM): Get the private key simultaneously for signing your test JWTs.
- Custom
kid: Specify your Key ID to match your existing system configuration.
How to use it
- Go to JWKS Generator.
- (Optional) Set your
kidor Key Size. - Click "Generate Keys".
- Copy the JWKS JSON for your public endpoint and the PEM for your signing logic.
Best for
- Local Development: Mocking OIDC providers without setting up a real IDP.
- Testing: Verifying your application's JWT signature validation logic.
- Learning: Seeing exactly what goes into a JWKS object.
Wrap up
Security configuration shouldn't be a bottleneck. I hope this tool saves you some terminal-headaches!
Check it out here: https://devtoolkits.app/en/tools/jwks/
Top comments (0)