Storing your JWKS

❗️

It is highly unusual for you to share your private JWKS, even for debugging. Moneyhub should NEVER ask you for your private key.

Your private key is the primary method of identifying yourself to us. If it is compromised, we would likely struggle to tell a malicious actor apart from genuine requests.

You should store your private keys safely within your environment variables, Key Management System(KMS) or encrypted config and use them to sign future JWTs destined for the Moneyhub API. Do not commit plain-text private keys to remote code repositories.