Parse JWK from Certificate
Overview
Parses a JWK (JSON Web Key) from an existing certificate and creates it. This is a convenience endpoint for extracting JWKs from certificates.
Endpoint
POST /apiops/projects/{projectName}/jwks/parse-from-certificate
Authentication
Requires a Personal API Access Token.
Header
Authorization: Bearer YOUR_TOKEN
Request
Headers
| Header | Value | Required |
|---|---|---|
| Authorization | Bearer {token} | Yes |
| Content-Type | application/json | Yes |
Path Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| projectName | string | Yes | Project name |
Request Body
{
"name": "my-jwk",
"description": "JWK from certificate",
"certificateName": "my-certificate",
"environmentName": "production",
"useType": "SIGNATURE",
"algorithm": "RS256"
}
Request Body Fields
| Field | Type | Required | Description |
|---|---|---|---|
| name | string | Yes | JWK name (unique identifier) |
| description | string | No | JWK description |
| certificateName | string | Yes | Certificate name |
| environmentName | string | Yes | Environment name |
| useType | string | Yes | Use type: SIGNATURE, ENCRYPTION |
| algorithm | string | Yes | Algorithm to use with the key. See Notes section for valid algorithm values based on key type and useType. |
Response
Same as Create JWK response format.
cURL Example
curl -X POST \
"https://demo.apinizer.com/apiops/projects/MyProject/jwks/parse-from-certificate" \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"name": "my-jwk",
"description": "JWK from certificate",
"certificateName": "my-certificate",
"environmentName": "production",
"useType": "SIGNATURE",
"algorithm": "RS256"
}'
Notes
- algorithm: This field specifies the cryptographic algorithm to use with the key. The value must match the key type and useType:
- RSA with SIGNATURE:
RS256,RS384,RS512,PS256,PS384,PS512 - RSA with ENCRYPTION:
RSA1_5(deprecated),RSA-OAEP(deprecated),RSA-OAEP-256,RSA-OAEP-384,RSA-OAEP-512 - EC with SIGNATURE:
ES256,ES384,ES512,ES256K - EC with ENCRYPTION:
ECDH-ES,ECDH-ES+A128KW,ECDH-ES+A192KW,ECDH-ES+A256KW,ECDH-1PU,ECDH-1PU+A128KW,ECDH-1PU+A192KW,ECDH-1PU+A256KW - OCT with SIGNATURE:
HS256,HS384,HS512 - OCT with ENCRYPTION:
A128KW,A192KW,A256KW,A128GCMKW,A192GCMKW,A256GCMKW,DIR,PBES2-HS256+A128KW,PBES2-HS384+A192KW,PBES2-HS512+A256KW - OKP with SIGNATURE:
EdDSA - OKP with ENCRYPTION:
ECDH-ES,ECDH-ES+A128KW,ECDH-ES+A192KW,ECDH-ES+A256KW,ECDH-1PU,ECDH-1PU+A128KW,ECDH-1PU+A192KW,ECDH-1PU+A256KW
- RSA with SIGNATURE:
- Important:
algorithmmust be a valid algorithm name, not a key type (e.g., useRS256notRSA)
Related Documentation
- Create JWK - Create JWK with source type CERTIFICATE
- List JWKs - List all JWKs