Get OIDC keys

Add MCP server to your AI tool

Allow AI tools and LLMs to interact with the API documentation portal through MCP.

MCP server URL

https://openapi.logto.io/mcp

Standard setup for AI tools providing an mcp.json file

mcp.json 
"Logto API references MCP server": {
  "url": "https://openapi.logto.io/mcp"
}
Close
GET /api/configs/oidc/{keyType}
O auth2

Get OIDC signing keys by key type. The actual key will be redacted from the result.

Path parameters

  • keyType string Required

    Private keys are used to sign OIDC JWTs. Cookie keys are used to sign OIDC cookies. For clients, they do not need to know private keys to verify OIDC JWTs; they can use public keys from the JWKS endpoint instead.

    Values are private-keys or cookie-keys.

Responses

  • 200 application/json

    An array of OIDC signing keys for the given key type.

    Hide response attributes Show response attributes object
    • id string Required
    • createdAt number Required
    • signingKeyAlgorithm string

      Values are RSA or EC.

    • status string

      Values are Next, Current, or Previous.

    • effectiveAt number
  • 400

    Bad Request

  • 401

    Unauthorized

  • 403

    Forbidden

GET /api/configs/oidc/{keyType} 
curl \
 --request GET 'https://[tenant_id].logto.app/api/configs/oidc/{keyType}' \
 --header "Authorization: Bearer $ACCESS_TOKEN"
Response examples (200) 
[
  {
    "id": "string",
    "createdAt": 42.0,
    "signingKeyAlgorithm": "RSA",
    "status": "Next",
    "effectiveAt": 42.0
  }
]