One neat application of this is the ability to store the CryptoKey object in IndexedDB for later use. This allows developers to continuously sign JWTs with the same private key over multiple browser sessions, until the browser storage is cleared. This can be useful in scenarios like OAuth2's Dynamic Client Registration Protocol. Overall, the WebCrypto API's CryptoKey interface provides a convenient and secure way to work with public and private keys in the browser.
In this demo, we use a key pair generated with WebCrypto to sign and validate a JWT completely in the browser. The generated CryptoKey is stored in IndexedDB so we can reuse the same key pair over multiple browser sessions.
See the code behind this demo
Note you need to have SSL enabled for this demo work - WebCrypto is disabled in non SSL environments.