Documentation Index
Fetch the complete documentation index at: https://specterops-enable-tls-feedback.mintlify.app/llms.txt
Use this file to discover all available pages before exploring further.
Overview
JSON Web Keys (JWKs) are used by OAuth 2.0 client applications to authenticate with Okta using theprivate_key_jwt client authentication method. This is an asymmetric authentication mechanism where the application possesses a private key and Okta stores the corresponding public key. A service application can have multiple JWKs configured for key rotation purposes.
JWKs are represented as Okta_JWK nodes in BloodHound.
Edges
The tables below list edges defined by the Okta extension only. Additional edges to or from this node may be created by other extensions.
Inbound Edges
No inbound edges are defined by the Okta extension for this node.Outbound Edges
| Edge Type | Destination Node Types | Traversable |
|---|---|---|
| Okta_KeyOf | Okta_Application | ✅ |
Properties
| Name | Source | Type | Description |
|---|---|---|---|
id | jwk.id | string | Unique JSON Web Key identifier. |
name | jwk.kid (fallback jwk.id) | string | Key identifier used as node name. |
displayName | jwk.kid (fallback jwk.id) | string | Display label used in BloodHound. |
oktaDomain | Collector context (non-API) | string | Okta organization domain where the key exists. |
status | jwk.status | string | Current lifecycle status of the key. |
kid | jwk.kid | string | JSON Web Key identifier (kid). |
kty | jwk.kty | string | Key type (RSA, EC, …). |
use | jwk.use | string | Intended key usage (sig, enc). |
created | jwk.created | datetime | Key creation timestamp. |
lastUpdated | jwk.lastUpdated | datetime | Last update timestamp. |