The token is not being signed, so I don’t have any configuration in Issuer Configuration.
I am generating the following token:
{
“iss”: “TEST_JWT”,
“iat”: 1637753964,
“exp”: 1669376364,
“aud”: “http://localhost:5555/”,
“sub”: “Administrator”
}
But when I run from the Postman the call always gives me the following error:
2021-11-24 13:43:12 CET [ISS.0012.0012W] Authentication of user “bearer” failed with exception: [ISS.0010.8044] Integration Server rejected the request to access this resource. The access token is either invalid or expired…
Can someone tell me that I am missing configuration.
Thank you
IS doesn’t support unsigned JWTs - however from your JWT which has three parts , the part beginning with YAFJ seems like the signature
Please configure the Issuer → Certificate Mapping in the Issuer Configuration , The Trusted Issuer TEST_JWT needs to map to a truststore in IS.
Could you also provide details of the URL you are invoking with postman? Are you sending the token via a HTTP header with key - Authorization and value - Bearer
This is strange, could you try configuring the issuer-certificate mapping and then try.
You can also get more information on the failure in the server logs, you can also set the Facility for JWT to trace in the server logging configuration and check.
Create a issuer-certificate mapping to point to the truststore of the issuer of the JWT.
Optional - Configure the audience in the global settings.
Client side
Get a JWT token
Pass the token in a request with header Authorization set to “Bearer ”
Edit: Added notes :
Note: The audience if specified in the JWT must match with the audience configured in IS Admin. The subject claim must be a valid IS user. The issuer claim must be valid trusted issuer.