Retrieving the Public Key ID
A JSON Web Token (JWT) includes these three elements:
- Header
- Payload
- Signature
header.payload.signature
.The
kid
parameter within the JWT header is the public key ID. You use this ID
to request the public key using the /flex/v2/public-keys/
endpoint.{kid}
Decrypting the JWT Header
The JWT is Base64-encoded. You must decrypt the token before you can see the
kid
parameter.Example: Header
eyJraWQiOiJ6dSIsImFsZyI6IlJTMjU2In0K
Example: Decrypting Header on the Command Line
echo 'eyJraWQiOiJ6dSIsImFsZyI6IlJTMjU2In0K' | base64 --decode
Example: Output
{"kid":"zu","alg":"RS256"}