About JWK and JWKS Inspector

Parses JSON Web Keys locally and computes the canonical SHA-256 thumbprint defined by RFC 7638 for RSA, EC, OKP, and symmetric octet keys. It exposes structural facts without pretending to validate a signature, issuer, trust chain, revocation status, or possession of private key material.

  • Accepts either one JWK or a JWKS keys array.
  • Computes thumbprints with the browser Web Crypto API.
  • Never sends pasted keys to a server.

Frequently Asked Questions

Does this verify a JWT?
No. It inspects keys and computes identifiers. Signature verification also requires the signed token, algorithm policy, issuer context, and claim validation.

More Development Tools

All Development tools