To extract values from the JWT token in your backend, you can use a JWT library that supports JSON Web Key Set (JWKS) for your programming language. You can validate the JWT token by pointing your JWT library to Ory Oathkeeper's JWKS endpoint:

<http://oathkeeper:4456/.well-known/jwks.json>

For example, if you're using Node.js, you can use the [node-jwks-rsa](https://github.com/auth0/node-jwks-rsa) library to fetch the public keys from the JWKS endpoint and validate the JWT token. Here's an example of how to use the

node-jwks-rsa

library: 1. Install the library:

bash npm install jwks-rsa

2. Use the library in your code to validate the JWT token:

javascript const jwt = require('jsonwebtoken'); const jwksClient = require('jwks-rsa');  const client = jwksClient({   jwksUri: '<http://oathkeeper:4456/.well-known/jwks.json>' });  function getKey(header, callback) {   client.getSigningKey(header.kid, (err, key) => {     const signingKey = key.publicKey || key.rsaPublicKey;     callback(null, signingKey);   }); }  const token = '<your_jwt_token_here>';  jwt.verify(token, getKey, (err, decoded) => {   if (err) {     console.error('Token validation failed:', err);   } else {     console.log('Decoded JWT token:', decoded);   } });

Replace

<your_jwt_token_here>

with the JWT token you received in the

Authorization

header. For other programming languages, you can find a suitable JWT library that supports JWKS and follow a similar approach. Source: [JSON Web Token validation](https://www.ory.sh/docs/oauth2-oidc/jwt-access-token#json-web-token-validation)