Verifies ES256 JWTs — replay-protected via KV
| Issuer | sender.erfi.io |
| Audience | receiver.erfi.me |
| Max Token Age | 60s |
| Registered Keys | sender-erfi-io (erfi.io) |
| Identity Mode | receiver-controlled (key registry) |
| Replay Store | KV (JTI_STORE) |
Waiting for authenticated requests. Use the sender UI to trigger one.
Or test rejection:
curl https://erfi.me/api/healthGET / — this UI (public, live via WebSocket)POST /api/data — accepts data (JWT required)GET /api/health — health check (JWT required)