Skip to main content
important

This is a contributors guide and NOT a user guide. Please visit these docs if you are using or evaluating SuperTokens.

Add new JWKs endpoint on the standard path

Status

This is just a proposal so far, it hasn't been accepted and needs further discussion.

Status:
proposed
Deciders:
rishabhpoddar, porcellus
Proposed by:
porcellus
Created:
2022-12-06

Context and Problem Statement#

We already have a jwks endpoint available in the Core, but it's exposed under a non-standard path and non standard format + it requires the core API key.

Considered Options#

  • Leave as-is
  • Move endpoint in a new CDI version
  • Duplicate it in the standard path not taking CDI version into account
  • Add new endpoint on the standard path

Decision Outcome#

We should move the JWKs endpoint in a new CDI version to a standard path:

  • This will make it easier for people to use us with standard JWT verification libs on the backend
  • This will allow the flexibility of users to be able to verify access tokens issued by SuperTokens in their backend APIs without also being forced to expose the JWKs endpoint from their API layer.
  • It should not check the api key or send the extra "status" prop
  • Conforming to standards is always a plus