diff --git a/bin/matrixoidc.dart b/bin/matrixoidc.dart
index 7bbc11d..7bd75e3 100644
--- a/bin/matrixoidc.dart
+++ b/bin/matrixoidc.dart
@@ -34,6 +34,7 @@ void main(List<String> argsRaw) async {
                 apiHelper.openidConfiguration,
               )
               ..get("/userinfo", apiHelper.userinfoHandler)
+              ..get("/jwks.json", apiHelper.jwks)
               ..post("/login", apiHelper.handleLogin)
               ..post("/token", apiHelper.tokenHandler))
             .call,
diff --git a/lib/helpers/api_helper.dart b/lib/helpers/api_helper.dart
index 70f243f..61a0a5a 100644
--- a/lib/helpers/api_helper.dart
+++ b/lib/helpers/api_helper.dart
@@ -121,6 +121,11 @@ class ApiHelper {
     }
   }
 
+  Response jwks(_) => Response.ok(
+    json.encode({"keys": []}),
+    headers: {"content-type": "application/json"},
+  );
+
   Response openidConfiguration(_) {
     final settings = ref.read(SettingsController.provider)!;
     return Response.ok(
@@ -129,6 +134,7 @@ class ApiHelper {
         "authorization_endpoint": settings.authorizeEndpoint,
         "token_endpoint": "${settings.issuer}/token",
         "userinfo_endpoint": "${settings.issuer}/userinfo",
+        "jwks_uri": "${settings.issuer}/jwks.json",
         "response_types_supported": ["code"],
         "subject_types_supported": ["public"],
         "id_token_signing_alg_values_supported": ["HS256"],