How to authenticate client using signed jwt with private key

I’m trying to figure out how to do an oauth2 client credential flow using the private_key_jwt auth method using a private key that I generate and use to encrypt my jwt. The well-known openid-configuration resource for my account indicates that private_key_jwt is supported: https://dev-692258.okta.com/oauth2/default/.well-known/openid-configuration. But I don’t see anywhere in my Okta admin portal where I can provide my JWKS url so Okta can fetch my public key (or less ideal, somewhere to upload my public key). Is this feature supported?

There is currently no UI option for this, but you can register your public keys using the API as a JWKS: https://developer.okta.com/docs/api/resources/oauth-clients#client-application-properties. Okta does not currently support the jwks_uri registration property.

Thanks. That gives me what I needed to know.
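
An added example (not part of the thread and not Okta's code) of the client side of `private_key_jwt`: it generates a key pair, builds the public JWKS that would be registered through the API, signs a client assertion with the RFC 7523 claims, and verifies it the way a server holding that JWKS would. Assumptions: `CLIENT_ID`, `TOKEN_ENDPOINT` and the `kid` are constructed placeholders, RS256 is chosen as the signing algorithm, and the `{ keys: [...] }` shape is the standard JWKS form from RFC 7591's `jwks` property.

```javascript
const crypto = require('node:crypto');

// Constructed placeholders; take the real values from your client registration
// and from token_endpoint in the openid-configuration document.
const CLIENT_ID = 'example-client-id';
const TOKEN_ENDPOINT = 'https://example.okta.com/oauth2/default/v1/token';
const b64url = (s) => Buffer.from(s).toString('base64url');

// Generate the key pair. Only the public half goes into the JWKS to register.
function makeClientKey(kid) {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const jwk = { ...publicKey.export({ format: 'jwk' }), kid, use: 'sig', alg: 'RS256' };
  return { privateKey, jwks: { keys: [jwk] } };
}

// Sign the client assertion: iss and sub are the client_id, aud is the token endpoint.
function makeClientAssertion(privateKey, kid, now = Math.floor(Date.now() / 1000)) {
  const header = { alg: 'RS256', typ: 'JWT', kid };
  const claims = { iss: CLIENT_ID, sub: CLIENT_ID, aud: TOKEN_ENDPOINT,
    iat: now, exp: now + 300, jti: crypto.randomUUID() }; // short-lived, single-use id
  const input = `${b64url(JSON.stringify(header))}.${b64url(JSON.stringify(claims))}`;
  const sig = crypto.sign('RSA-SHA256', Buffer.from(input), privateKey);
  return `${input}.${sig.toString('base64url')}`;
}

// Form-encoded body of the client credentials token request.
function tokenRequestBody(assertion) {
  return new URLSearchParams({
    grant_type: 'client_credentials',
    client_assertion_type: 'urn:ietf:params:oauth:client-assertion-type:jwt-bearer',
    client_assertion: assertion,
  }).toString();
}

// Server-side check against the registered JWKS: pin the algorithm, select the
// key by kid, verify the signature over header.payload.
function verifyWithJwks(assertion, jwks) {
  const [h, p, s] = assertion.split('.');
  const { alg, kid } = JSON.parse(Buffer.from(h, 'base64url').toString());
  if (alg !== 'RS256') return false;
  const jwk = jwks.keys.find((k) => k.kid === kid);
  if (!jwk) return false;
  const { kty, n, e } = jwk;
  const key = crypto.createPublicKey({ key: { kty, n, e }, format: 'jwk' });
  return crypto.verify('RSA-SHA256', Buffer.from(`${h}.${p}`), key, Buffer.from(s, 'base64url'));
}
```

The assertion is signed rather than encrypted, so its claims are readable by anyone who sees it; the private key stays with the client and only `n` and `e` appear in the registered JWKS.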
