JWT Issuers Registry
Well-known JWT issuers, their JWKS endpoints, and the issuer-specific claims your verifier needs to check. Each entry links to a dedicated verification guide for that issuer.
-
Google
Verify Google OAuth 2.0 / OpenID Connect JWTs. Google's issuer, JWKS URL, RS256 signing, and issuer-specific claims (azp, hd, email_verified, at_hash) explained with validation rules.
https://accounts.google.com
-
Microsoft Entra ID (Azure AD)
Verify Microsoft Entra ID (Azure AD) JWTs. Issuer, JWKS, RS256 signing, v2.0 endpoint, tenant-specific iss, and the appid, oid, tid, ver claims explained with validation rules.
https://login.microsoftonline.com/{tenant}/v2.0
-
Auth0
Verify Auth0 JWTs. Auth0's issuer, JWKS URL, RS256 default signing, and the azp, scope, permissions claims explained with validation rules and code examples.
https://YOUR_DOMAIN.auth0.com
-
Okta
Verify Okta JWTs. Okta's issuer, JWKS URL, RS256 signing, and the uid, cid, scope claims explained with validation rules for access and ID tokens.
https://YOUR_DOMAIN.okta.com
-
AWS Cognito
Verify AWS Cognito JWTs. Cognito's per-pool issuer, JWKS URL, RS256 signing, and the token_use, client_id, scope claims explained with validation rules.
https://cognito-idp.{region}.amazonaws.com/{userPoolId}
-
Firebase Auth
Verify Firebase Auth JWTs. Firebase's issuer, JWKS URL, RS256 signing, and the user_id, sign_in_provider, firebase claims explained with validation rules.
https://securetoken.google.com/YOUR_PROJECT
-
Keycloak
Verify Keycloak JWTs. Keycloak's realm-specific issuer, JWKS URL, RS256 default, and the realm_access, resource_access, preferred_username claims explained with validation rules.
https://YOUR_DOMAIN/realms/YOUR_REALM
Verification fundamentals
Regardless of issuer, every verification does the same four things:
hardcode the algorithm, verify the signature against the issuer's JWKS,
validate iss against the expected
issuer, and validate aud against
your service. The issuer pages above spell out the issuer-specific
claims; these references explain the universal rules.