- This line was added.
- This line was removed.
- Formatting was changed.
To set up the API, follow these steps:
- Log in to Nexus GO.
- Click Services > Signing.
- Select the signing service for which you want to set up the API. Click Set up API.
Enter a JWKS URL, see below for more information. Click Next.
If it is not possible to expose a public endpoint, then check Use custom keys and enter the public key in the input field.
- Click Next and Submit to confirm.
JSON Web Key Set (JWKS)
The signed assertion for authentication is validated with a public key. By using PKI, the signing key can be changed at any time without having to go to the admin portal and reconfigure it.
The web application shall expose the public key in a JSON Web Key Set (JWKS) on a URL and specify it in the configuration. For more information, see copy - Authenticate to the PDF Signing API.
Here is an example of a response from a JWKS URL. The same value of
In case it is not possible to expose a public endpoint, the public key can also be explicitly stated. In this case, the single key shall be stated in JWK format:
Here is an example of a single JWK. The same value of