Where can I find the JWKS Uri for Azure AD

2023-01-24T15:46:36.5566667+00:00

I am integrating an IBM Jazz application with Azure AD for multifactor authentication. To configure from my application side I need the JWKS Uri but I am unable to find it.

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
18,726 questions
{count} votes

2 answers

Sort by: Most helpful
  1. Marilee Turscak-MSFT 32,551 Reputation points Microsoft Employee
    2023-01-27T02:11:47.8633333+00:00

    Hi Shaikh, Shahana (ADV D AA MO INFRA UTC) ,

    The JWKS Uri for Azure is this one:

    https://login.microsoftonline.com/common/discovery/v2.0/keys
    

    You can confirm this by calling the following from your browser:

    https://login.microsoftonline.com/{your_azure_active_directory_id}/.well-known/openid-configuration
    

    If your application has custom signing keys as a result of using the claims-mapping feature, however, you need to append an appid (from your app registration) query parameter that contains the application ID to get a jwks_uri that points to the signing key information of the application. So it would look like this (but with your own app ID added):

    https://login.microsoftonline.com/{tenant}/discovery/keys?appid=6731de76-14a6-49ae-97bc-6eba6914391e
    

    See more details here.

    -

    If the information helped you, please Accept the answer. This will help us as well as others in the community who might be looking up similar questions.

    1 person found this answer helpful.
    0 comments No comments

  2. Aradhya Mohta 0 Reputation points
    2023-08-04T06:33:54.1366667+00:00

    Hi, How can I delete/renew the jwks_uri (rotating the key)?

    0 comments No comments