I’ve realised that the JWT’s I’ve been getting can be validated on my server without a public key… obviously this isn’t great so I went hunting for a way to add a key for signing to my application in the okta UI and I can’t see it anywhere.
This guide: https://developer.okta.com/docs/guides/implement-oauth-for-okta-serviceapp/-/create-publicprivate-keypair/ seems a little vague. Is it the best one? The next steps ask me to create a client via the API.
Am I missing something? I was expecting to be able to add a key somewhere in the menus - but I’ve already created a client. I guess a good question is - can I add a key (jkws?) to an existing application?
Any help is greatly appreciated.