I am using jwt access and id tokens and created following endpoints.
1. /auth/oauth/v2/token : generates jwt access and id token. Generates refresh token
2. /auth/validate/access_token : validates access token using OTK Required OAuth 2.0 Token assertion
3. /auth/validate/id_token: validates id token using Decode Json Web Token assertion
I want to know if I need to create or use existing any other endpoints which are required and related to complete jwt access token and jwt id token flow. Do I also need to create JWKs public keys using Create Json Web Key assertion ? If yes, please share the sample policy for the same and how it will be used by client application ?
------------------------------
Technology Lead
Infosys Limited
------------------------------