The Prelude Session API uses JSON Web Key Sets (JWKS) for secure cryptographic operations, particularly for signing and verifying JSON Web Tokens (JWTs) used in the authentication process.

What is a JWKS?

A JSON Web Key Set (JWKS) is a JSON data structure that represents a set of cryptographic keys. The JWK specification is defined in RFC 7517 and provides a standardized format for representing cryptographic keys used in various security operations.

How Prelude Uses JWKS

The Prelude Session API uses JWKS primarily for:

  1. Signing Access Tokens: When a user authenticates, the API generates a JWT access token signed with a private key.
  2. Token Verification: Client applications can use the corresponding public key to verify the authenticity of tokens.

JWKS Endpoint

Prelude provides a public endpoint to retrieve the JWKS used for token verification for your application: https://<app_id>.session.prelude.dev/.well-known/jwks.json.
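
The verification step described above, as an added Node.js example (not Prelude's own code): it selects a key from a JWKS by "kid", pins the algorithm, checks the signature, then checks "exp". Assumptions: RS256 as the signing algorithm, the kid "demo-key-1", the helper names verifyJwt, makeFixture and outcome, and a locally generated key pair standing in for the JWKS you would fetch from the endpoint.

```javascript
// Added example: the key pair, kid and tokens are constructed locally; RS256 is an assumption.
const crypto = require("node:crypto");

const decodeJson = (seg) => JSON.parse(Buffer.from(seg, "base64url").toString("utf8"));
const encodeJson = (obj) => Buffer.from(JSON.stringify(obj)).toString("base64url");

// Verify a compact JWT against a parsed JWKS document and return its claims.
function verifyJwt(token, jwks, nowSec = Math.floor(Date.now() / 1000)) {
  const parts = token.split(".");
  if (parts.length !== 3) throw new Error("malformed token");
  const [h, p, s] = parts;
  const header = decodeJson(h);
  // Pin the algorithm on the verifier side; never trust the token's own "alg".
  if (header.alg !== "RS256") throw new Error("unexpected alg");
  // Select the key by "kid" and require a key type that matches the algorithm.
  const jwk = (jwks.keys || []).find((k) => k.kid === header.kid && k.kty === "RSA");
  if (!jwk) throw new Error("unknown kid");
  const key = crypto.createPublicKey({ key: jwk, format: "jwk" });
  const sig = Buffer.from(s, "base64url");
  if (!crypto.verify("sha256", Buffer.from(`${h}.${p}`), key, sig)) throw new Error("bad signature");
  // Only read claims after the signature has been checked.
  const claims = decodeJson(p);
  if (typeof claims.exp !== "number" || claims.exp <= nowSec) throw new Error("expired");
  return claims;
}

// Constructed fixture: stands in for the signing service and the JWKS it publishes.
function makeFixture(kid = "demo-key-1") {
  const { publicKey, privateKey } = crypto.generateKeyPairSync("rsa", { modulusLength: 2048 });
  const jwks = { keys: [{ ...publicKey.export({ format: "jwk" }), kid, use: "sig", alg: "RS256" }] };
  const sign = (header, claims) => {
    const input = `${encodeJson(header)}.${encodeJson(claims)}`;
    return `${input}.${crypto.sign("sha256", Buffer.from(input), privateKey).toString("base64url")}`;
  };
  return { jwks, sign };
}

// Returns "accepted" or the rejection reason, so outcomes are easy to compare.
function outcome(token, jwks, nowSec) {
  try { verifyJwt(token, jwks, nowSec); return "accepted"; } catch (e) { return e.message; }
}

{
  const { jwks, sign } = makeFixture();
  const good = sign({ alg: "RS256", kid: "demo-key-1" }, { sub: "user-1", exp: 2000000000 });
  const [h, , s] = good.split(".");
  console.log(outcome(good, jwks, 1700000000)); // accepted
  console.log(outcome(`${h}.${encodeJson({ sub: "admin", exp: 2000000000 })}.${s}`, jwks, 1700000000)); // bad signature
}
```

In a real client, the jwks argument is the parsed JSON body returned by the JWKS endpoint above, cached and refreshed when a token carries an unknown kid.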