I have generated a signed JWT RSA256 and then tried to verify it.
When I verify with a public key that is configured in the KVM, it works fine:
<Algorithm>RS256</Algorithm>
<Source>jwt</Source>
<PublicKey>
  <Value ref="public.key"/>
</PublicKey>
But when I verify with JWKS, I get the error "Could not find a matching Public Key":
<Algorithm>RS256</Algorithm>
<Source>jwt</Source>
<PublicKey>
  <JWKS ref="json-jwks"/>
</PublicKey>
json-jwks is a variable that I set in JavaScript:
var jwks = {
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "123456789",
      "alg": "RS256",
      "n": "iq.."
    }
  ]
};
context.setVariable("json-jwks", JSON.stringify(jwks));
I'm not sure where the error occurred, because the value of jwks is generated from the public key (which is the same as public.key).
When you use a JWKS as a key source, the JWT that you hope to verify must have a JWT header that has a kid field that refers to a key in the JWKS.
Do you have that?
The kid in your JWKS is
123456789
Does your JWT have that as the value for kid in the header?
If you do not have that, then you will see the error, "Could not find a matching Public Key".
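The check described in the answer above, as an added example that is not part of the original thread: it decodes a JWT header and reports whether its kid selects a key in the JWKS. The function names and the sample tokens are hypothetical and constructed; it assumes Node.js (for Buffer) rather than the Apigee JavaScript policy runtime.

```javascript
// Added diagnostic example (hypothetical names); runs in Node.js, not in an Apigee policy.
// It reads the JWT header WITHOUT verifying the signature, so it is for troubleshooting only.
function decodeSegment(seg) {
  const b64 = seg.replace(/-/g, "+").replace(/_/g, "/"); // base64url -> base64
  const obj = JSON.parse(Buffer.from(b64, "base64").toString("utf8"));
  if (obj === null || typeof obj !== "object") throw new Error("not a JSON object");
  return obj;
}

// Explain whether key selection by kid can succeed for this token and JWKS.
// jwks may be an object or its JSON string form (as stored in the flow variable).
function diagnoseKid(jwt, jwks) {
  const set = typeof jwks === "string" ? JSON.parse(jwks) : jwks;
  const keys = set && Array.isArray(set.keys) ? set.keys : [];
  const known = keys.map((k) => k.kid);
  const parts = String(jwt).split(".");
  if (parts.length !== 3) return { ok: false, reason: "not-a-compact-jws" };
  let header;
  try {
    header = decodeSegment(parts[0]);
  } catch (e) {
    return { ok: false, reason: "unreadable-header" };
  }
  if (typeof header.kid !== "string") {
    return { ok: false, reason: "no-kid-in-header", known };
  }
  if (!known.includes(header.kid)) {
    return { ok: false, reason: "kid-not-in-jwks", kid: header.kid, known };
  }
  return { ok: true, reason: "match", kid: header.kid };
}

// Constructed sample: JWKS shaped like the one in the question; "n" is a placeholder.
const sampleJwks = {
  keys: [{ kty: "RSA", e: "AQAB", use: "sig", kid: "123456789", alg: "RS256", n: "placeholder" }],
};

// Build a constructed token with a dummy signature, only to exercise the check.
function makeToken(header) {
  const enc = (o) => Buffer.from(JSON.stringify(o)).toString("base64")
    .replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
  return `${enc(header)}.${enc({ sub: "example" })}.c2ln`;
}

console.log(diagnoseKid(makeToken({ alg: "RS256", typ: "JWT" }), sampleJwks));
console.log(diagnoseKid(makeToken({ alg: "RS256", kid: "123456789" }), JSON.stringify(sampleJwks)));
```

A result of "no-kid-in-header" or "kid-not-in-jwks" corresponds to the situation the answer describes, where the verifier cannot find a matching public key.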