About JWK and JWKS Inspector
Parses JSON Web Keys locally and computes the canonical SHA-256 thumbprint defined by RFC 7638 for RSA, EC, OKP, and symmetric octet keys. It exposes structural facts without pretending to validate a signature, issuer, trust chain, revocation status, or possession of private key material.
- Accepts either one JWK or a JWKS keys array.
- Computes thumbprints with the browser Web Crypto API.
- Never sends pasted keys to a server.
Frequently Asked Questions
- Does this verify a JWT?
- No. It inspects keys and computes identifiers. Signature verification also requires the signed token, algorithm policy, issuer context, and claim validation.
More Development Tools
All Development toolsDevelopment
JWT Decoder
Decode JWTs and view header, payload, and claims.
Development
HTML Editor
Write HTML with live preview side by side.
Development
JSON Schema Validator
Validate JSON against a JSON Schema.
Development
Private HAR Analyzer
Inspect sensitive HTTP Archive files locally with request filters, timing waterfalls, summaries, redirect chains, headers, and bodies.