A failure mode where a token points the verifier at a key source the attacker controls, often through jku or x5u fields. The issue is not only where the key comes from, but whether the application has any governance over that trust source at all.
Expanded Definition
Key redirection is a trust failure in token validation where the verifier follows a key reference supplied by the token itself, usually via fields such as jku or x5u, and accepts whatever key source is pointed to. In NHI security, that becomes dangerous when the application does not control or pin the expected trust anchor. The problem is not simply remote key retrieval. It is whether the verifier is allowed to trust that retrieval path at all.
Usage in the industry is still evolving because some vendors describe this as “JWKS header injection,” while others fold it into broader token confusion or trust-on-first-use mistakes. The practical guidance is consistent: key material for verification should come from an approved source, with governance over rotation, issuer binding, and certificate provenance. NIST’s NIST Cybersecurity Framework 2.0 reinforces the need for controlled authentication and verification processes, which is exactly where this failure belongs.
The most common misapplication is treating any reachable JWKS endpoint as legitimate, which occurs when verification code trusts token-supplied URLs without issuer allowlisting or key pinning.
Examples and Use Cases
Implementing key verification rigorously often introduces operational friction, requiring organisations to balance token agility and key rotation speed against tighter trust control and more explicit governance.
- A service validates a signed API token by fetching a JWKS from a jku URL embedded in the header, then accepts a forged key set hosted by an attacker.
- An internal agent uses x5u to locate a signing certificate, but the application does not restrict certificate sources to approved issuers or pinned domains.
- A platform team centralises verification logic and only allows keys from a managed identity provider, reducing exposure to untrusted redirect targets. That approach aligns with the operational patterns described in the Ultimate Guide to NHIs — 2025 Outlook and Predictions.
- During a migration, multiple microservices accept different key sources, creating inconsistent trust decisions that are hard to audit and easy to exploit.
- Identity engineers test against issuer and key-source allowlists, using the verification discipline implied by NIST Cybersecurity Framework 2.0 to keep validation bounded.
For NHI environments, the safest pattern is to separate key discovery from token parsing, then enforce explicit policy over where verification keys may come from. That is especially important for service accounts, workload identities, and AI agents that authenticate automatically at high volume. The same governance model is discussed in Ultimate Guide to NHIs — 2025 Outlook and Predictions, where lifecycle control and visibility are treated as security controls rather than administrative extras.
Why It Matters in NHI Security
Key redirection undermines the trust model that makes signed tokens meaningful in the first place. If a verifier will follow attacker-controlled key sources, then signature validation can be made to confirm attacker-owned identities instead of genuine ones. In practice, that can lead to privilege escalation, forged service-to-service calls, and silent compromise of automation that operators assume is authenticated.
This matters even more in environments with weak NHI visibility. NHI Mgmt Group research shows that only 5.7% of organisations have full visibility into their service accounts, while 79% have experienced secrets leaks, with 77% of those incidents causing tangible damage. That combination makes any ungoverned key source a serious operational risk, especially where secrets and tokens are reused across pipelines, workloads, and NHI lifecycle controls. The issue also sits squarely within zero trust design expectations, because NIST Cybersecurity Framework 2.0 expects disciplined authentication and access governance, not implicit trust in token-provided endpoints.
Organisations typically encounter this consequence only after a forged token is accepted in production, at which point key redirection becomes operationally unavoidable to address.
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
OWASP Non-Human Identity Top 10 address the attack and risk surface, while NIST Zero Trust (SP 800-207) and NIST CSF 2.0 set the governance and control requirements practitioners need to meet.
| Framework | Control / Reference | Relevance |
|---|---|---|
| OWASP Non-Human Identity Top 10 | NHI-02 | Covers insecure NHI secret and key handling that enables trust-source abuse. |
| NIST Zero Trust (SP 800-207) | 5.2 | Zero Trust requires explicit verification and no implicit trust in token-supplied endpoints. |
| NIST CSF 2.0 | PR.AC-1 | Identity and access processes must validate authenticated entities before granting access. |
Treat key-source governance as part of authentication control design and review.
Related resources from NHI Mgmt Group
- What are the key NHI security metrics every CISO should track?
- What is the difference between role-based access and API key governance for NHI security?
- When does a short-lived API key still create material risk?
- What is the difference between API-key security and hardware-bound identity for AI agents?
Deepen Your Knowledge
Reviewed and updated by the NHIMG editorial team on June 6, 2026.
NHI Mgmt Group — the #1 independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org
