JSON Web Key Set (JWKS) - Prelude Documentation

The Prelude Session API uses JSON Web Key Sets (JWKS) for secure cryptographic operations, particularly for signing and verifying JSON Web Tokens (JWTs) used in the authentication process.

What is a JWKS?

A JSON Web Key Set (JWKS) is a JSON data structure that represents a set of cryptographic keys. The JWK specification is defined in RFC 7517 and provides a standardized format for representing cryptographic keys used in various security operations.

How Prelude Uses JWKS

Prelude Session API uses JWKS primarily for:

Signing Access Tokens: When a user authenticates, the API generates a JWT access token signed with a private key.
Token Verification: Client applications can use the corresponding public key to verify the authenticity of tokens.

JWKS Endpoint

Prelude provides a public endpoint to retrieve the JWKS used for token verification for your application: https://<app_id>.session.prelude.dev/.well-known/jwks.json.

Documentation

API Reference

​What is a JWKS?

​How Prelude Uses JWKS

​JWKS Endpoint

What is a JWKS?

How Prelude Uses JWKS

JWKS Endpoint