To add additional keys to the

/.well-known/jwks.json

endpoint, you need to create a keyset and then add it to the OAuth2 configuration. Here are the steps: 1. Create a keyset. You can use the

ory create jwk

command to create a custom keyset. For more information on how to create a custom keyset, refer to the [ory create jwk command documentation](https://www.ory.sh/docs/cli/ory-create-jwk). 2. Add the created keyset to the OAuth2 configuration. Use the following command to add a custom keyset to the OAuth2 configuration:

bash ory patch oauth2-config $YOUR_PROJECT_ID \     --add '/webfinger/jwks/broadcast_keys/-="custom_keyset"'

Replace

$YOUR_PROJECT_ID

with your project ID and

"custom_keyset"

with the name of your custom keyset. Remember, the

/.well-known/jwks.json

file is a standard endpoint that contains the public keys for verifying ID tokens and JWT access tokens. Ory OAuth2 and OpenID Connect exposes this endpoint by default for each Ory Network project. Source: [Ory Documentation](https://www.ory.sh/docs/hydra/jwks#the-role-of-well-knownjwksjson)

@chilly-king-10285 how would i patch the key

{
  "kty": "RSA",
  "e": "AQAB",
  "use": "sig",
  "kid": "ory-example",
  "alg": "RS256",
  "n": "rm_FZLcTUKdiCnv5zc5284DBQ2RO0f-VLpD4CcJ6Y3Po0zYoMiniOCdmTn1I5klau6BfVQWpDfdqV-G-HhRhLpdDy30Zs-t1veN-YxXgBOnF6neqww5tivwtJ--SS5S2m4UyiNxqlWy4-1FttpCKwu-Dm8d2Q7ppUal6wQojGOnCje8P499a0x9JjMZbh0DcUke2mn_ScmVTV8IEC7caMyo3D_HVdaMuNDN2N2O-7fRUJTVn8pgsjUfw1xP8tB-8-k6rK07X9yi_-oUyXqaqj8IhCPNMOc1UaQbrY3vvdMarQQrykkyXDPp6IL4vA3dw8q46BJvfLRsOCa1g-uaApQ"
}

To patch a key, you would typically use the

ory patch

command. However, the specific command to patch a key is not provided in the given knowledge sources. The

ory patch

command is used to adjust specific keys in the configuration or to add custom keys to the OAuth2 configuration. For example, to add a custom keyset to the OAuth2 configuration, you would use:

bash ory patch oauth2-config $YOUR_PROJECT_ID \     --add '/webfinger/jwks/broadcast_keys/-="custom_keyset"'

And to adjust specific keys in the configuration, you would use:

bash ory patch oauth2-config --project <project-id> --workspace <workspace-id> \     --replace '/ttl/refresh_token="999h0m0s"'

However, these examples do not directly apply to patching a specific key like the one you provided. For more specific instructions, you may need to refer to the Ory documentation or the

ory patch

command documentation.

I'm sorry for any confusion, but the knowledge sources provided do not contain the specific command to patch a key in the format you've provided. The

ory patch

command is mentioned, but it's used in the context of adding a keyset to the OAuth2 configuration or adjusting specific keys in the configuration, not patching a specific key. Here's an example of how the

ory patch

command is used:

bash ory patch oauth2-config $YOUR_PROJECT_ID \     --add '/webfinger/jwks/broadcast_keys/-="custom_keyset"'

In this example,

"custom_keyset"

would be the name of your custom keyset. However, this command is for adding a keyset to the OAuth2 configuration, not for patching a specific key. For more specific instructions on how to patch a key, you may need to refer to the Ory documentation or the

ory patch

command documentation.