OAuth Private Key JWT
OAuth client authentication method using JWT signed with private key

OAuth Private Key JWT Description
Private Key JWT is a client authentication method for OAuth 2.0 and OpenID Connect in which the client creates a JSON Web Token (JWT) and signs it with its own private key. The method is defined in RFC 7521 (Assertion Framework) and RFC 7523 (JWT Profile for Client Authentication), and is referenced by the OpenID Connect and FAPI 2.0 Security Profile specifications.

In OAuth implementations, Private Key JWT serves as an alternative form of client authentication. The JWT is transmitted in a parameter named client_assertion, not in one named private_key_jwt. The method provides cryptographic authentication that does not require sharing secrets between the client and the authorization server. It is part of the broader OAuth 2.0 client authentication framework, which also includes Mutual TLS (RFC 8705) and Client Secret (RFC 6749) as alternative approaches.

Private Key JWT is particularly relevant for scenarios requiring higher security assurances, such as those outlined in the FAPI 2.0 Security Profile. The oauth.net resource provides documentation and references to help developers implement this authentication method, including links to implementation guides from various identity providers and platforms.
OAuth Private Key JWT FAQ
Common questions about OAuth Private Key JWT including features, pricing, alternatives, and user reviews.
OAuth Private Key JWT is an OAuth client authentication method that uses a JWT signed with a private key, developed by OAuth. It is an IAM solution designed to help security teams with Authentication, JWT, and JWT Security.