Recent searches
No recent searches
Receiving error: JWT signature invalid, when using the sample code shared.
Answered
Posted Aug 25, 2021
{myloginur}?kind=error&message=JWT+signature+invalid.+The+signature+cannot+be+verified%2C+check+that+your+tokens+match
I enable the JWT seeing the details here
https://support.zendesk.com/hc/en-us/articles/203663816-Enabling-JWT-JSON-Web-Token-single-sign-on
My configuration via Admin Center.
1. Both SAML(using for some reason) and JWT is enable.
2. In EndUser section, I tried enabling the ExternalAuthentication tried with both enable and disable.
Receiving the same error.
Code snippet
Date now = new Date();
Date expiryDate = new Date(now.getTime() + 6048000);
String jwtString = Jwts.builder()
.setIssuer("zendesk")
.setSubject("zendesk-user")
.setId(UUID.randomUUID().toString())
.claim("email", getUser().getEmail())
.claim("name ", getUser().getName())
.setIssuedAt(new Date())
.setExpiration(expiryDate)
.signWith(SignatureAlgorithm.HS256, SHARED_KEY)
.compact();
String redirectUrl = "https://" + SUBDOMAIN + ".zendesk.com/access/jwt?jwt=" + jwtString;
if (returnTo != null) {
redirectUrl += "&return_to=" + encode(returnTo);
}
return redirectUrl;
0
1
1 comment
Christopher Kennedy
Hey Kumail,
To troubleshoot this error, here are some steps you can take:
jwtStringfrom your code example) that you're sending. Make sure that the header and claims set are structured as noted in our JWT doc.jwtString. It may be helpful to do this with the decodeJWT() method or an external tool like jwt.io.Thanks,
0