Get OIDC keys

GET /api/configs/oidc/{keyType}
OAuth2

Get OIDC signing keys by key type. The actual key will be redacted from the result.

Path parameters

  • keyType string Required

    Private keys are used to sign OIDC JWTs. Cookie keys are used to sign OIDC cookies. For clients, they do not need to know private keys to verify OIDC JWTs; they can use public keys from the JWKS endpoint instead.

    Values are private-keys or cookie-keys.

Responses

GET /api/configs/oidc/{keyType} 
curl \
 -X GET https://[tenant_id].logto.app/api/configs/oidc/{keyType} \
 -H "Authorization: Bearer $ACCESS_TOKEN"
Response examples (200) 
[
  {
    "id": "string",
    "createdAt": 42.0,
    "signingKeyAlgorithm": "RSA"
  }
]