Conformance Testing for FAPI Read/Write RPs


You can use the FAPI conformance suite (https://www.certification.openid.net/) to test your FAPI-RW Relying Party (RP) implementations.
In this case the conformance suite acts as the OpenID Provider (OP) and your client implementation acts as the relying party.

Please note that you can use a local instance of the FAPI conformance suite for your internal purposes but you must use https://www.certification.openid.net/ for certification submissions. You cannot certify with results obtained from a local instance.

Before You Begin

  • When submitting your test results, you must include logs from both the conformance suite and your client implementation. Please make sure that your client logs contain all the necessary information, e.g enabling debug level logging before running the tests may be needed.
  • When using a local instance of the conformance suite software, a self-signed certificate will be used for https endpoints. You may need to disable certificate checks in your client software.
    https://www.certification.openid.net uses valid certificates issued by Letsencrypt and disabling certificate checks should not be necessary.

Testing Steps

Image 1: Test configuration
FAPI RW RP testing configuration

  1. Go to https://www.certification.openid.net/ or to your local conformance suite instance, e.g https://localhost:8443/.
    1. When using https://www.certification.openid.net/, log in using a Google or GitLab account, or any OpenID Provider that supports WebFinger.
  2. Select “FAPI-RW-ID2: Relying Party(client test)” test plan from the “Select A Test Plan” dropdown.
  3. From the “Select A Variant” dropdown, select “mtls” or “private_key_jwt” for FAPI-RW testing depending which type of client authentication you support.
    1. “openbankinguk-*” versions must be used for UK Openbanking specific testing.
  4. Fill in the configuration form (as per the guidance given in the form fields when empty). You can switch to the “JSON” tab to view/edit the configuration in the underlying JSON format. Changes to the form are automatically reflected in the JSON and vice versa. The JSON can be copied and saved locally to be pasted back in later. The server will automatically remember the most recent JSON you successfully created a test with.

    • Server jwks must include private keys
    • Contrary to what the tooltip implies, client jwks does not need to include private keys. Only the public keys will work
  5. Click “Start Test Plan” button. You will be taken to a list of all the test modules in the plan.
  6. Click a “Run New Test” button
  7. Please read the description of the test in the light blue box near the top of the log page – this may contain specific instructions.
  8. Runtime values that your client needs to use will be displayed by the test suite as highlighted in the following screenshot. The conformance suite will wait for requests from your client.
    RP Testing Runtime Variables

  9. For FAPI-RW testing, your client is expected to perform the following steps:

    1. Do OpenID discovery, using the discoveryUrl shown in the test suite front end.
    2. Redirect to the authorization_endpoint obtained from discovery.
    3. The conformance suite will return a 302 redirect straight away without the user taking any action – so there is no need for this to even be in a web browser.
    4. Exchange the authorization code for an access token at the token_endpoint obtained from discovery.
    5. Call the accounts_endpoint displayed on the screen using the access token.
  10. For Openbanking UK testing, your client is expected to perform the following steps:

    1. Do openid discovery, using the discoveryUrl shown in the test suite front end.
    2. Send a client_credentials request to the token_endpoint obtained from discovery.
    3. Create an account request, by sending a request to the account_requests_endpoint displayed on the screen.
    4. Redirect to the authorization_endpoint obtained from discovery.
    5. The conformance suite will return a 302 redirect straight away without the user taking any action – so there is no need for this to even be in a web browser.
    6. Exchange the authorization code for an access token at the token_endpoint obtained from discovery.
    7. Call the accounts_endpoint displayed on the screen using the access token.
  11. When the test has completed, press “Continue Plan” to start the next test, or “Return to Plan” to view your progress.
  12. Once you have successfully completed testing, please follow the submission instructions to complete the certification process.
  13. If you require support, please email certification@oidf.org. If it relates to a test failure, please include a link to the relevant log-detail.html, or if using a local install, the downloaded log file.

Example Client

An example client can be found at https://gitlab.com/openid/sample-openbanking-client-nodejs. This is a nodejs application and requires nodejs and npm installed on your system.
You can use this client to see how your client implementation should interact with the conformance suite.

Before Running The Client

Before running this client you need to set the following environment variables:

  • CONFORMANCE_SERVER : Base path for the conformance suite. For example:
    export CONFORMANCE_SERVER=https://localhost:8443
  • ACCOUNT_REQUEST : account_requests_endpoint path displayed on test details page. Only needed when using a UK Openbanking variant. For example:
    export ACCOUNT_REQUEST=test/a/your-company-name/open-banking/v1.1/account-requests
  • ACCOUNTS : accounts_endpoint path displayed on test details page. For example:
    export ACCOUNTS=test-mtls/a/your-company-name/open-banking/v1.1/accounts
  • ISSUER : issuer value displayed on test details page. For example:
    export ISSUER=https://localhost:8443/test/a/your-company-name/
  • CLIENTTESTMODE : One of fapi-ob or fapi-rw which will activate UK Openbanking or FAPI-RW modes of the client application respectively. For example:
    export CLIENTTESTMODE="fapi-rw"

Running The Client

  1. Install dependencies using npm install
  2. Run npm run client (node entrypoint.js will work too)
  3. You should see output ending with COMPLETE: accounts endpoints response is...

Example Test Configuration

You can use the following test configuration with the example client. You can copy-paste this configuration into the “JSON” text box on the test plan configuration page.
{
    "alias": "your-company-name",
    "description": "my company client test",
    "server": {
        "jwks": {
            "keys": [
                {
                    "d": "Q19weh2dFdRKD2Tt6sQ8bdy-oKg9HZAlClzCWdK60eZVCk0HR0TeCpL-C4uEXWESHdCMfeNfUQNLBPDQUALZ2vL7CVpDm5xyPIbkJFWhug8NbZH-DOEIHECfjMlXSA5jPcyip0wUsjUSPAJt3bZnuhn9qE4L96t6WXoLg1MlI76Ep2eKZsjjOypvxUEXCHLzlotIlOsznsYjmA4MbR22GUVfrmS3g_g6Q8xJYIwvMxb-sIQUJv5XjJu09tI21-_NS40RrsxlXAHmPf4Nop_EZ9XsGPcbBFdln8V-BJlE9-8YSc7gC-2xGqAI6seNR0t--83Q1Z6dMmqLg_HKG38FMQ",
                    "e": "AQAB",
                    "use": "sig",
                    "kid": "38aa6685-498b-4583-a978-556c76661e29",
                    "x5c": [
                        "MIIDkjCCAnqgAwIBAgIUBs/K/GNjN/m5F3ReEk2owtsCH88wDQYJKoZIhvcNAQELBQAwezELMAkGA1UEBhMCVUsxDTALBgNVBAgTBEF2b24xEDAOBgNVBAcTB0JyaXN0b2wxEjAQBgNVBAoTCUZvcmdlUm9jazEcMBoGA1UECxMTZm9yZ2Vyb2NrLmZpbmFuY2lhbDEZMBcGA1UEAxMQb2JyaS1leHRlcm5hbC1jYTAgFw0xNzA4MTYxMTQxMDlaGA8yMTE4MDcyMzExNDEwOVowgYgxCzAJBgNVBAYTAlVLMQ0wCwYDVQQIEwRBdm9uMRAwDgYDVQQHEwdCcmlzdG9sMRIwEAYDVQQKEwlGb3JnZVJvY2sxITAfBgNVBAsTGDViNGIxMTA0YjA5MzQ2NmViNmU0YWU5MzEhMB8GA1UEAxMYNWI0YjExMDhiMDkzNDY2ZWI2ZTRhZTk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJPSr7LFiFxsxGeV43Zuk3ADJZitLYy96FZx59M/zhchNShz5hdu/YumMQ9ilekEKg2PHbemRQXydgh7mY78IFCAD+EPz/tr/lSHPksyBO5428CFh7Wa05MaHmYKGW6PyYTmtyWa9gtj8vSWnNZyXT8+bLAsxPp3DjuaZkgcPqem7CTC8BQkH8GDx4LKtiSvBnOqOLIIbx7aehQ5AVyYnsuzaoNgdVxRmjYPwRFARD4mSCZovE4ngWywkr1JxiG9K7iksIMyfP9VF/5kfA3Foh4PEIWzUsLqdoSnJujbQcqRnrVX90ww3+PwmaIQNRutxE3tWhas/8exBdHgL+r9wQIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQBvkrpuPRkmovmS8Kiy2jO6gNt9I2++ZqS54K7VVJq0WRIYk4KNRgzND2zTNMz4O70g+Jhzn+2brzS1blXVrP3EwAMw8Vkjlfhl87WyihgpnI/fRB75gchCj8otsdn6OA0IGJQDY6P3MfwpaHWt9x49Gx/Ff3TgQusWVUfZWlDaX/rcUxdfMVJB7RuUKpyDowsKBIIpyX8Ps2P2oL/xXnVGgpFZebE12cCW4JjUMPMExcTmq61ip0mXwXEGFQXusHMRzJCoSCbyioDCJ9zxRYSHf5dIEpN71hBDb6RUQdTOovFvBJRyUxiffsYfq6aop29bgSc+wyv6gSoMBZeDwmY3",
                        "MIIDozCCAougAwIBAgIEJoO/8jANBgkqhkiG9w0BAQsFADB7MQswCQYDVQQGEwJVSzENMAsGA1UECBMEQXZvbjEQMA4GA1UEBxMHQnJpc3RvbDESMBAGA1UEChMJRm9yZ2VSb2NrMRwwGgYDVQQLExNmb3JnZXJvY2suZmluYW5jaWFsMRkwFwYDVQQDExBvYnJpLWV4dGVybmFsLWNhMB4XDTE4MDgwMjE2MTg1NVoXDTI4MDczMDE2MTg1NVowezELMAkGA1UEBhMCVUsxDTALBgNVBAgTBEF2b24xEDAOBgNVBAcTB0JyaXN0b2wxEjAQBgNVBAoTCUZvcmdlUm9jazEcMBoGA1UECxMTZm9yZ2Vyb2NrLmZpbmFuY2lhbDEZMBcGA1UEAxMQb2JyaS1leHRlcm5hbC1jYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAIs4bQZ1tVO08KYv/nAOn/xo+hKHq52IMmyEvhuo07wM1W+hhcxlmceL/0Rjq8mGVqMMoUDFS+SIa+6Tqgt56fZgud+O7KmGWTPDZXDofecYFT56b64u6Bi0Psp5afsSst3gWyCV5b7DaxlZoQ2H8BfsERnmJuGG/633p3LPNzKTxTFGRfNsWIoHi+Bw4GVL0STGxC3BCCEWr7JYUpYbuAgL1T17oYJQq38BwLl5liu+W7zu7nOqGJlenBYwhfPS8vl2Unr4HLSs8mn1XYnD7J+Bn8rN8kBsWozBsD4Hb3A93omiM8c8ClGzuquCVg7NjRTuc7n2+5eLsvS7siWjApsCAwEAAaMvMC0wDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUJ2HaSAFW+VzVjRpb086QeYIyn/UwDQYJKoZIhvcNAQELBQADggEBAFbcKVhpvmCZz/xSAkNJr8ilXK6gukNLPD/BdNKOflfMf0VwyJRbgzyZ7LEcY4pLU7U/QCAhg6BQ9UgzL8jFv0jKOXi3DUNG5Dxevcb5fJyEgded2nJvKLJ9qHCE4Q8IGMWnIFX6IvIiizKXrJgi2GXpXmPrkZin98zM7yn3R0TaHOHo5ARG8n8UmhuQKPkoLoawu9n97XJ+KB27Y8mC5uYbKeFL3ocw6G2oA49vuCyWFHuZAMLBxd6H9fQVtozKR2rzlbnpo3sb4iJvfid7o57ybMt7CpDCOmTK2QJXgIl/mTsMz2TrnbI1OosGZX7HkSfzphNj0mT8P8ZM971lPYY="
                    ],
                    "dp": "xNVVIzqA506SYqExxFINlUqCdU8knpxT4reOdEhihTuXuUXoSaS_-ugsQLcXD56aZuvjPtneIAPOiOs_5aJoVXJ0f7F4DZ4DcF2yAwleU_RMALbCjEGAr9wPvFlS7kT8EP9828w7vg3S2RrNigAaqanunFCUWW-4BmAoLd7RMoU",
                    "dq": "BeIIvFTbmIxWlNtqsq5GX0sQWz23c8BfL64z5242sIrofhAVRyT0x6BtT3f3iRMP0V6ceo9otifqIv-9cJaPSiblcs1aKfoDUW3yFOmnHieflTG9bdU6x3UaQQAQfScwpAM7j3Ba9DK7j_FgJMHg4MTm-okdisLssa_W_p1YQxk",
                    "n": "iJPSr7LFiFxsxGeV43Zuk3ADJZitLYy96FZx59M_zhchNShz5hdu_YumMQ9ilekEKg2PHbemRQXydgh7mY78IFCAD-EPz_tr_lSHPksyBO5428CFh7Wa05MaHmYKGW6PyYTmtyWa9gtj8vSWnNZyXT8-bLAsxPp3DjuaZkgcPqem7CTC8BQkH8GDx4LKtiSvBnOqOLIIbx7aehQ5AVyYnsuzaoNgdVxRmjYPwRFARD4mSCZovE4ngWywkr1JxiG9K7iksIMyfP9VF_5kfA3Foh4PEIWzUsLqdoSnJujbQcqRnrVX90ww3-PwmaIQNRutxE3tWhas_8exBdHgL-r9wQ",
                    "p": "0GUmNiJNL804rPNXq1nfANCqpvIZjqVpM9Z_5eQc0uShU5NWpvGAxzS4xHCjIyF-nmmf9QD51VHolkekD2kfpCJd7d6GbeA3xlZexFlij9LOO1dcvNEaBd4PsTqR7amIlE1T2NkrKjGwc2QdLzLTWLlo83hFa7zcH64CWWIsCJU",
                    "kty": "RSA",
                    "x5t#S256": "I3ExedytHIH19IFpF8qbFUTnjrUmCiYn73Nxnwax11c",
                    "q": "p8bPBjF0PJhMxvZes6_ojsDoarsCKzQ9f9IOcPlUTbaXKxCjAVzmcVFtYmXuvMe6-rNWzPc6xXkDqqcmlNT8SqjW-IOPof9Axf1FnCeph_33LdJlGs9GQmHHMmOJKLyw0Pl9vEI3URCu-aSpHzHd-74FuvEUtPeyFlb4B5zzWX0",
                    "qi": "usx-1jReoh-YdEZl00pvqby0j1WDAjVuM_BuYr9UNKm8Fzk_RDJFX5AWPPC6JisR3r10bhVH-GunAVSzA2AlKR78aAufDCCCqiO5DTTF1sinxnBFalgf0bxK5fHfvXTe11VNjq1hDXqB7AZrVHWpn2a_Pk1QCMsLI0k4qh1tgJk",
                    "alg": "PS256"
                }
            ]
        }
    },
    "client": {
        "client_id": "test-client-id-346334adgdsfgdfg3425",
        "client_secret": "test-client-secret-452wf246w3g324t34",
        "scope": "openid accounts",
        "redirect_uri": "http://localhost:44444/",
        "certificate": "-----BEGIN CERTIFICATE-----\nMIIFqzCCBJOgAwIBAgIEWWwO+DANBgkqhkiG9w0BAQsFADBmMQswCQYDVQQGEwJHQjEdMBsGA1UEChMUT3BlbiBCYW5raW5nIExpbWl0ZWQxETAPBgNVBAsTCFRlc3QgUEtJMSUwIwYDVQQDExxPcGVuIEJhbmtpbmcgVGVzdCBJc3N1aW5nIENBMB4XDTE4MDEzMDExMjI1OVoXDTE5MDEzMDExNTI1OVowajELMAkGA1UEBhMCR0IxHTAbBgNVBAoTFE9wZW4gQmFua2luZyBMaW1pdGVkMRswGQYDVQQLExJOakVENTNtcWxiY3JySFI5cW0xHzAdBgNVBAMTFjdqdHBpQkxwWlVrVTE2TXhJRFNzQm0wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtdpOduWzqDn49BjLJmcBAwJbtxuM46oKfkvOG+mxtxKE90wqYN7sKIOFs1mcqb3Q//ensf95L9YLV/CAmyxrKoSZ0m0tbVZT2/nYI0+1D+iuOHb7Zr2YpIR6HWtqcr63ARusyAkGvUpJuQ+tPx8HuHrK57EqEoh6WIKc4sCv4qQUWGRLwhwwKYcVzhEFDfNjTrOvRJkP3AuMELGGn4/PnSmdmwRUQCDjMRRL4sq6n5N7/PmDq6HGvUYzxdijR1NpShuv0GMvOtySk5pq16UMLO84ARjS5FWQ5g24q9EoXPF4uQEyb4pexvEPForlxS8Zrp6PxgqzloKq/GVZ8TaGhAgMBAAGjggJbMIICVzAOBgNVHQ8BAf8EBAMCB4AwIAYDVR0lAQH/BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMIHgBgNVHSAEgdgwgdUwgdIGCysGAQQBqHWBBgFkMIHCMCoGCCsGAQUFBwIBFh5odHRwOi8vb2IudHJ1c3Rpcy5jb20vcG9saWNpZXMwgZMGCCsGAQUFBwICMIGGDIGDVXNlIG9mIHRoaXMgQ2VydGlmaWNhdGUgY29uc3RpdHV0ZXMgYWNjZXB0YW5jZSBvZiB0aGUgT3BlbkJhbmtpbmcgUm9vdCBDQSBDZXJ0aWZpY2F0aW9uIFBvbGljaWVzIGFuZCBDZXJ0aWZpY2F0ZSBQcmFjdGljZSBTdGF0ZW1lbnQwOgYIKwYBBQUHAQEELjAsMCoGCCsGAQUFBzABhh5odHRwOi8vb2J0ZXN0LnRydXN0aXMuY29tL29jc3AwgcMGA1UdHwSBuzCBuDA3oDWgM4YxaHR0cDovL29idGVzdC50cnVzdGlzLmNvbS9wa2kvb2J0ZXN0aXNzdWluZ2NhLmNybDB9oHugeaR3MHUxCzAJBgNVBAYTAkdCMR0wGwYDVQQKExRPcGVuIEJhbmtpbmcgTGltaXRlZDERMA8GA1UECxMIVGVzdCBQS0kxJTAjBgNVBAMTHE9wZW4gQmFua2luZyBUZXN0IElzc3VpbmcgQ0ExDTALBgNVBAMTBENSTDgwHwYDVR0jBBgwFoAUDwHAL+hobPcjv45lbokNxqaFd7cwHQYDVR0OBBYEFEYFsaGlCZmxTUSUsOXCoEL5iurTMA0GCSqGSIb3DQEBCwUAA4IBAQBI7nFD9rZQnTdpoWkS6YFnLjHFDzZF9vrtx+HrkCPW1FYksaZWfK4BKBTukBwnCeLHxMMLCJj3YGf4Non9puEJ+saFHxquUSSsy9Z6e77MC3Uacsj6HuT9BlnmMhBRmvXXnAhbOVKbjvzrWbMaQiERty0MmsXEDq6SVFTVb9bOKwchqYnyXNRbrj5UuW9ChesFA91cqTRBbL2An154KLj7GsMuJ3ybxyBS1UbMjaRFJQKrXMTrz43lIU7AQ/r9iWlJYPiqWQBH+ooCeaNQgLo26ETu9eKffJzH3ZvzxhSn9DKsZV93hfvVQoWRVzna9+W6XORSfS9OxEkZsapeYsTF\n-----END CERTIFICATE-----",
		"jwks": {
            "keys": [
                {
                    "e": "AQAB",
                    "use": "sig",
                    "kid": "c1df0e7a-031c-4232-9314-8717d9bccdb4",
                    "x5c": [
                        "MIIDkjCCAnqgAwIBAgIUQE4BXL8EHZt5OrhGVAAgnBYUzQowDQYJKoZIhvcNAQELBQAwezELMAkGA1UEBhMCVUsxDTALBgNVBAgTBEF2b24xEDAOBgNVBAcTB0JyaXN0b2wxEjAQBgNVBAoTCUZvcmdlUm9jazEcMBoGA1UECxMTZm9yZ2Vyb2NrLmZpbmFuY2lhbDEZMBcGA1UEAxMQb2JyaS1leHRlcm5hbC1jYTAgFw0xNzA4MTYxMTQxMDlaGA8yMTE4MDcyMzExNDEwOVowgYgxCzAJBgNVBAYTAlVLMQ0wCwYDVQQIEwRBdm9uMRAwDgYDVQQHEwdCcmlzdG9sMRIwEAYDVQQKEwlGb3JnZVJvY2sxITAfBgNVBAsTGDViNGIxMTA0YjA5MzQ2NmViNmU0YWU5MzEhMB8GA1UEAxMYNWI0YjNkMDBiMDkzNDY2ZWI2ZTRhZTk3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhYduFvjFXfe0e0Sn7gMiVfpkTdEHMhT8bc9NBioz9LeqvaaRKwoJ0SUVETV7RAorXNVyyP2G4lg1ZLkqfBb1f6OceJDpv4LTHvdv1JWC2oi1S/GsoiBJsFQMI1/qz1AdGs6SlVBV3UVFhlXqW17qeoBayVidNd5tKU1wMUVKZivVu1rvnOwhNcjmkERo9hwf5cXWJap/nOBfNmiiuhfIhOulPrLe8cxG20OvZ1NfgFIENfIT5sKqDVkfglM7D1ZQbh0OWxQ3TzbfDD4ZjeOKjWxi5/XGG7pkoYx1u3Elv7231WPG82vn8hVGQNZJ++sS6ERhUOOD/T4KiuQzaAWJ8QIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQAF/7WdG4UFRng5zRLpkfop/0m/SB2anhPEM5HJrdhRROQKnmQsmV3HwncPaxBFM/Ge7B0jZsCaSJIJ55ReRNFPry1iUGIxSKZ2cnWnTFjIyUDcbVRg3zHSbuhOieTKI9c0TgJfhnCrEc43MwEqmRN8BVSzeMrVjeSSsNEkWscTx3QRi1R/Myky3YNAi2l2Qo9Ihh2AsrADtOanYDFrU9dAw5qJRvj/z+x2/PickIxE4E1Y1sLfXPvnLFqUBfm82h0tDgwe53qU/dpJZb0Bq6/iXrnXhKtihBjJ/I66Ggk/0L+xsHakCqUPcf5HOK1HMSPVvnw6iBavr4zWF/XF++nZ",
                        "MIIDozCCAougAwIBAgIEJoO/8jANBgkqhkiG9w0BAQsFADB7MQswCQYDVQQGEwJVSzENMAsGA1UECBMEQXZvbjEQMA4GA1UEBxMHQnJpc3RvbDESMBAGA1UEChMJRm9yZ2VSb2NrMRwwGgYDVQQLExNmb3JnZXJvY2suZmluYW5jaWFsMRkwFwYDVQQDExBvYnJpLWV4dGVybmFsLWNhMB4XDTE4MDgwMjE2MTg1NVoXDTI4MDczMDE2MTg1NVowezELMAkGA1UEBhMCVUsxDTALBgNVBAgTBEF2b24xEDAOBgNVBAcTB0JyaXN0b2wxEjAQBgNVBAoTCUZvcmdlUm9jazEcMBoGA1UECxMTZm9yZ2Vyb2NrLmZpbmFuY2lhbDEZMBcGA1UEAxMQb2JyaS1leHRlcm5hbC1jYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAIs4bQZ1tVO08KYv/nAOn/xo+hKHq52IMmyEvhuo07wM1W+hhcxlmceL/0Rjq8mGVqMMoUDFS+SIa+6Tqgt56fZgud+O7KmGWTPDZXDofecYFT56b64u6Bi0Psp5afsSst3gWyCV5b7DaxlZoQ2H8BfsERnmJuGG/633p3LPNzKTxTFGRfNsWIoHi+Bw4GVL0STGxC3BCCEWr7JYUpYbuAgL1T17oYJQq38BwLl5liu+W7zu7nOqGJlenBYwhfPS8vl2Unr4HLSs8mn1XYnD7J+Bn8rN8kBsWozBsD4Hb3A93omiM8c8ClGzuquCVg7NjRTuc7n2+5eLsvS7siWjApsCAwEAAaMvMC0wDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUJ2HaSAFW+VzVjRpb086QeYIyn/UwDQYJKoZIhvcNAQELBQADggEBAFbcKVhpvmCZz/xSAkNJr8ilXK6gukNLPD/BdNKOflfMf0VwyJRbgzyZ7LEcY4pLU7U/QCAhg6BQ9UgzL8jFv0jKOXi3DUNG5Dxevcb5fJyEgded2nJvKLJ9qHCE4Q8IGMWnIFX6IvIiizKXrJgi2GXpXmPrkZin98zM7yn3R0TaHOHo5ARG8n8UmhuQKPkoLoawu9n97XJ+KB27Y8mC5uYbKeFL3ocw6G2oA49vuCyWFHuZAMLBxd6H9fQVtozKR2rzlbnpo3sb4iJvfid7o57ybMt7CpDCOmTK2QJXgIl/mTsMz2TrnbI1OosGZX7HkSfzphNj0mT8P8ZM971lPYY="
                    ],
                    "n": "hYduFvjFXfe0e0Sn7gMiVfpkTdEHMhT8bc9NBioz9LeqvaaRKwoJ0SUVETV7RAorXNVyyP2G4lg1ZLkqfBb1f6OceJDpv4LTHvdv1JWC2oi1S_GsoiBJsFQMI1_qz1AdGs6SlVBV3UVFhlXqW17qeoBayVidNd5tKU1wMUVKZivVu1rvnOwhNcjmkERo9hwf5cXWJap_nOBfNmiiuhfIhOulPrLe8cxG20OvZ1NfgFIENfIT5sKqDVkfglM7D1ZQbh0OWxQ3TzbfDD4ZjeOKjWxi5_XGG7pkoYx1u3Elv7231WPG82vn8hVGQNZJ--sS6ERhUOOD_T4KiuQzaAWJ8Q",
                    "kty": "RSA",
                    "x5t#S256": "87Dt9TpNW-WAQnR1YzPGNihFZQ1oBBIV7YidGcFamOc",
                    "alg": "PS256"
                }
            ]
        }
    }
}