AttestoPhoenix.Controller.JWKSController (AttestoPhoenix v0.6.1)


GET /.well-known/jwks.json - the JSON Web Key Set (RFC 7517 §5).

Publishes the public halves of the issuer's signing keys as a JWK Set so a resource server (or any client) can verify issued JWTs without a shared secret. A verifier fetches this set, then selects the key whose kid matches the token's JWS header (RFC 7515 §4.1.4). This is the document the authorization-server metadata's jwks_uri points at (RFC 8414 §2).

The set carries every verification key, so it covers a rotation window: tokens minted under the outgoing key still verify while the incoming key is also published. Only public key material is emitted; private components never appear (RFC 7517 §1).
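The consumer-side logic the two paragraphs above describe, as an added example in Python (not part of AttestoPhoenix): a resource server selects the verification key by the token's kid, accepts either key of a rotation window, and refuses a set that leaks private members. The JWK Set, kids and coordinates are constructed placeholders, and signature verification itself is left to a JOSE library once the key is chosen.

```python
import base64
import json

# JWK members that carry private or secret material and must never appear in a
# published set (RFC 7517 §1; member names from RFC 7518 §6). Constructed list.
PRIVATE_MEMBERS = {"d", "p", "q", "dp", "dq", "qi", "oth", "k"}

# Constructed sample: a set published mid-rotation, outgoing and incoming keys.
# The x/y values are placeholders, not real curve points.
SAMPLE_JWKS = {
    "keys": [
        {"kty": "EC", "crv": "P-256", "kid": "2024-01", "use": "sig", "alg": "ES256",
         "x": "placeholder-x-old", "y": "placeholder-y-old"},
        {"kty": "EC", "crv": "P-256", "kid": "2024-07", "use": "sig", "alg": "ES256",
         "x": "placeholder-x-new", "y": "placeholder-y-new"},
    ]
}


def b64url_decode(data: str) -> bytes:
    """base64url without padding, as used throughout JOSE."""
    return base64.urlsafe_b64decode(data + "=" * (-len(data) % 4))


def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def protected_header(token: str) -> dict:
    """Read the compact JWS protected header; nothing in it is trusted yet."""
    return json.loads(b64url_decode(token.split(".")[0]))


def leaked_private_keys(jwks: dict) -> list:
    """kids of every key carrying private/secret members; [] means the set is clean."""
    return [k.get("kid") for k in jwks["keys"] if PRIVATE_MEMBERS.intersection(k)]


def select_verification_key(jwks: dict, token: str) -> dict:
    """Pick the key for this token by kid (RFC 7515 §4.1.4) and sanity-check it."""
    header = protected_header(token)
    kid, alg = header.get("kid"), header.get("alg")
    if not isinstance(kid, str) or not isinstance(alg, str):
        raise ValueError("token lacks kid or alg; refusing to guess among published keys")
    matches = [k for k in jwks["keys"] if k.get("kid") == kid]
    if len(matches) != 1:
        raise ValueError(f"expected exactly one key for kid {kid!r}, found {len(matches)}")
    key = matches[0]
    if PRIVATE_MEMBERS.intersection(key):
        raise ValueError("published key carries private material; treat the set as compromised")
    if key.get("use", "sig") != "sig" or key.get("alg", alg) != alg:
        raise ValueError("key is not usable for this token's alg/use")
    return key
```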

This endpoint is unauthenticated public metadata, and its response is the same for every caller, so it is marked publicly cacheable (RFC 9111 §5.2.2). The JWK Set construction is delegated to Attesto.JWKS; this controller owns only the HTTP binding and the cache policy.

Configuration

Built on AttestoPhoenix.Config. The set is derived entirely from configuration; this controller holds no policy of its own:

  • :keystore - the Attesto.Keystore whose verification_pems/0 are published. The host owns where the keys come from.

The configured AttestoPhoenix.Config is read from conn.private[:attesto_phoenix_config], placed there by the host's router pipeline.

Summary

Functions

Handle GET /.well-known/jwks.json (RFC 7517 §5).

Functions

show(conn, params)

@spec show(Plug.Conn.t(), map()) :: Plug.Conn.t()

Handle GET /.well-known/jwks.json (RFC 7517 §5).

Builds the public JWK Set from the configured keystore's verification keys and renders it as a publicly cacheable JSON document.