Skip to Main Content

Breadcrumb

Question and Answer

Connor McDonald

Thanks for the question.

Asked: September 22, 2025 - 4:45 pm UTC

Last updated: October 02, 2025 - 9:33 am UTC

Version: 24.2

Viewed 100+ times

You Asked

Hi,

Does Oracle have any plans to support RS256 in Apex ?

Thanks


https://apexapps.oracle.com/pls/apex/r/apex_pm/ideas/details?idea=FR-4418&session=105003035734261

and Connor said...

As per the docs in 24.2

"APEX_JWT APIs only support HS256 symmetric encryption algorithm for claim signatures. Asymmetric encryption algorithms such as RS256 are not supported"

But ultimately, APEX_JWT is an API layer built on top of the DBMS_CRYPTO package, which in 19c does not full public key support, and hence RS256 is not available.

DBMS_CRYPTO does get that support in 21 and 23ai, but 99% of customers are still on 19c.

Of course, there has been 28 RUs of 19c and hence DBMS_CRYPTO has continued to evolve in 19c as well, so hopefully it will come in due course to APEX.

Addenda: Ilmar Kern has a home grown one if you want

https://ilmarkerm.eu/blog/2023/10/validating-jwt-tokens-with-rs256-signatures-in-pl-sql/
more

Connor and Chris don't just spend all day on AskTOM. You can also catch regular content via Connor's blog and Chris's blog. Or if video is more your thing, check out Connor's channel and Chris's channel from their Youtube channels. And of course, keep up to date with AskTOM via the official twitter account.

More to Explore

PL/SQL demos

Check out more PL/SQL tutorials on our LiveSQL tool.

PL/SQL docs

PL/SQL reference manual from the Oracle documentation library