diff --git a/.env b/.env
index e9408120..01001723 100644
--- a/.env
+++ b/.env
@@ -1,6 +1,6 @@
 APP_KEY=Nit5tWts42QeCynT1Q476LyStDeSd4xb
 
-ROOT_IDENTIFIER=http://localhost:8081
+ROOT_IDENTIFIER=http://localhost:8080
 
 DATASOURCE_URL=jdbc:postgresql://db:5432/openid-federation-db
 DATASOURCE_USER=openid-federation-db-user
diff --git a/build.gradle.kts b/build.gradle.kts
index 61e363c4..a28a0810 100644
--- a/build.gradle.kts
+++ b/build.gradle.kts
@@ -92,7 +92,7 @@ fun getNpmVersion(): String {
 
 allprojects {
     group = "com.sphereon.oid.fed"
-    version = "0.4.22-SNAPSHOT"
+    version = "0.4.23-SNAPSHOT"
     val npmVersion by extra { getNpmVersion() }
 
     // Common repository configuration for all projects
diff --git a/modules/local-kms/src/jvmTest/kotlin/com/sphereon/oid/fed/kms/local/jwt/JoseJwtTest.jvm.kt b/modules/local-kms/src/jvmTest/kotlin/com/sphereon/oid/fed/kms/local/jwt/JoseJwtTest.jvm.kt
index 9941c834..62b0e522 100644
--- a/modules/local-kms/src/jvmTest/kotlin/com/sphereon/oid/fed/kms/local/jwt/JoseJwtTest.jvm.kt
+++ b/modules/local-kms/src/jvmTest/kotlin/com/sphereon/oid/fed/kms/local/jwt/JoseJwtTest.jvm.kt
@@ -12,6 +12,9 @@ import kotlin.test.Test
 import kotlin.test.assertTrue
 
 class JoseJwtTest {
+    private val json = Json {
+        ignoreUnknownKeys = true
+    }
 
     @Test
     fun signTest() {
@@ -24,15 +27,11 @@ class JoseJwtTest {
         val signature = sign(
             payload,
             JwtHeader(alg = JWSAlgorithm.ES256.toString(), typ = "JWT", kid = key.keyID),
-            Json.decodeFromString<JwkWithPrivateKey>(jwk)
+            json.decodeFromString<JwkWithPrivateKey>(jwk)
         )
         assertTrue { signature.startsWith("ey") }
     }
 
-    private val json = Json {
-        ignoreUnknownKeys = true
-    }
-
     @Test
     fun verifyTest() {
         val key = ECKeyGenerator(Curve.P_256).keyID("key1").algorithm(Algorithm("ES256")).generate()
@@ -44,7 +43,7 @@ class JoseJwtTest {
         val signature = sign(
             payload,
             JwtHeader(alg = JWSAlgorithm.ES256.toString(), typ = "JWT", kid = key.keyID),
-            Json.decodeFromString<JwkWithPrivateKey>(jwk)
+            json.decodeFromString<JwkWithPrivateKey>(jwk)
         )
         assertTrue {
             verify(signature, json.decodeFromString<Jwk>(jwk))
diff --git a/modules/openid-federation-client/src/commonMain/kotlin/com/sphereon/oid/fed/client/mapper/JsonMapper.kt b/modules/openid-federation-client/src/commonMain/kotlin/com/sphereon/oid/fed/client/mapper/JsonMapper.kt
index f2e53385..678cd742 100644
--- a/modules/openid-federation-client/src/commonMain/kotlin/com/sphereon/oid/fed/client/mapper/JsonMapper.kt
+++ b/modules/openid-federation-client/src/commonMain/kotlin/com/sphereon/oid/fed/client/mapper/JsonMapper.kt
@@ -39,7 +39,7 @@ fun decodeJWTComponents(jwtToken: String): Jwt {
 
     return try {
         Jwt(
-            Json.decodeFromString(headerJson), Json.decodeFromString(payloadJson), parts[2]
+            json.decodeFromString(headerJson), Json.decodeFromString(payloadJson), parts[2]
         )
     } catch (e: Exception) {
         throw JwtDecodingException("Error decoding JWT components", e)
diff --git a/modules/services/src/commonMain/kotlin/com/sphereon/oid/fed/services/mappers/JwkMapper.kt b/modules/services/src/commonMain/kotlin/com/sphereon/oid/fed/services/mappers/JwkMapper.kt
index 6473f340..efe11cc1 100644
--- a/modules/services/src/commonMain/kotlin/com/sphereon/oid/fed/services/mappers/JwkMapper.kt
+++ b/modules/services/src/commonMain/kotlin/com/sphereon/oid/fed/services/mappers/JwkMapper.kt
@@ -4,8 +4,12 @@ import com.sphereon.oid.fed.openapi.models.*
 import kotlinx.serialization.json.Json
 import com.sphereon.oid.fed.persistence.models.Jwk as JwkEntity
 
+private val json = Json {
+    ignoreUnknownKeys = true
+}
+
 fun JwkEntity.toDTO(): AccountJwk {
-    val key = Json.decodeFromString<Jwk>(this.key)
+    val key = json.decodeFromString<Jwk>(this.key)
 
     return AccountJwk(
         id = this.id,
@@ -27,28 +31,8 @@ fun JwkEntity.toDTO(): AccountJwk {
     )
 }
 
-fun JwkEntity.toJwk(): Jwk {
-    val key = Json.decodeFromString<Jwk>(this.key)
-
-    return Jwk(
-        e = key.e,
-        x = key.x,
-        y = key.y,
-        n = key.n,
-        alg = key.alg,
-        crv = key.crv,
-        kid = key.kid,
-        kty = key.kty,
-        use = key.use,
-        x5c = key.x5c,
-        x5t = key.x5t,
-        x5u = key.x5u,
-        x5tS256 = key.x5tS256
-    )
-}
-
 fun JwkEntity.toHistoricalKey(): HistoricalKey {
-    val key = Json.decodeFromString<Jwk>(this.key)
+    val key = json.decodeFromString<Jwk>(this.key)
 
     return HistoricalKey(
         e = key.e,
diff --git a/modules/services/src/commonTest/kotlin/com.sphereon.oid.fed.services/JwkServiceTest.kt b/modules/services/src/commonTest/kotlin/com.sphereon.oid.fed.services/JwkServiceTest.kt
new file mode 100644
index 00000000..5093c64f
--- /dev/null
+++ b/modules/services/src/commonTest/kotlin/com.sphereon.oid.fed.services/JwkServiceTest.kt
@@ -0,0 +1,65 @@
+package com.sphereon.oid.fed.services
+
+import com.sphereon.oid.fed.openapi.models.Account
+import com.sphereon.oid.fed.openapi.models.JwkWithPrivateKey
+import com.sphereon.oid.fed.persistence.Persistence
+import com.sphereon.oid.fed.persistence.models.JwkQueries
+import io.mockk.*
+import java.time.LocalDateTime
+import kotlin.test.*
+
+class JwkServiceTest {
+    private lateinit var jwkService: JwkService
+    private lateinit var kmsClient: KmsClient
+    private lateinit var jwkQueries: JwkQueries
+
+    companion object {
+        private val FIXED_TIMESTAMP: LocalDateTime = LocalDateTime.parse("2025-01-13T12:00:00")
+    }
+
+    @BeforeTest
+    fun setup() {
+        kmsClient = mockk<KmsClient>(relaxed = true)
+        jwkQueries = mockk<JwkQueries>(relaxed = true)
+        mockkObject(Persistence)
+        every { Persistence.jwkQueries } returns jwkQueries
+        jwkService = JwkService(kmsClient)
+    }
+
+    @AfterTest
+    fun cleanup() {
+        clearAllMocks()
+        unmockkObject(Persistence)
+    }
+
+    @Test
+    fun testCreateKey() {
+        val account = Account(
+            id = 1,
+            username = "testUser",
+            identifier = "test-identifier"
+        )
+
+        val expectedJwk = JwkWithPrivateKey(
+            kty = "EC",
+            crv = "P-256",
+            x = "example-x",
+            y = "example-y",
+            kid = "test-kid-124",
+            alg = "ES256",
+            use = "sig"
+        )
+
+        every { kmsClient.generateKeyPair() } returns expectedJwk
+
+        val result = jwkService.createKey(account)
+
+        assertNotNull(result)
+        assertEquals(expectedJwk.kid, result.kid)
+        assertEquals(expectedJwk.use, result.use)
+        assertEquals(expectedJwk.alg, result.alg)
+
+        verify { kmsClient.generateKeyPair() }
+        verify { jwkQueries.create(any(), any(), any()) }
+    }
+}