oauth2.dev

kty

IESG

Registry Context

The `kty` JWK parameter identifies the key's cryptographic algorithm family and must be present in every JWK.

Technical Summary

RFC 7517 Section 4.1 defines `kty` as a case-sensitive string identifying the cryptographic algorithm family used with the key, such as `RSA` or `EC`.

When Used

When generating, validating, or processing JWKs.

Normative Requirements

Unspecified actor

MUST
1
  1. RFC 7517 - Section 4.1

    The `kty` member MUST be present in a JWK..

    This member MUST be present in a JWK.

Validation Guidance

error

Reject any JWK that omits the `kty` member.

error

Verify that the `kty` value is a string and treat it as case-sensitive.

Reference

Details

Entry Id
kty
Parameter Name
kty
Parameter Description
Key Type
Used With Kty Value
*
Parameter Information Class
Public
Change Controller
IESG
Reference
RFC7517 - Section 4.1