Receive error 401 unauthorized when login with web widget

I want to authenticate the user with zendesk so he will not have to type is name or anything. So I had the widget to my web site and after login I create a JWT and log the user to zendesk using the code bellow.

But, when I send the JWT I receive an error that my JWT is invalid but I have followed the format defined in the documentation.

Enabling authenticated visitors in the Chat widget – Zendesk help

• https://api.smooch.io/sdk/v2/apps/62a3555aac1ecd00f2421c67/login

• {error: {code: "invalid_auth", description: "Invalid JWT"}}

• error: {code: "invalid_auth", description: "Invalid JWT"}
• code: "invalid_auth"
• description: "Invalid JWT"

I use c# backend to generate a JWT with the JWT.Net nuget package.

I use the plain secret genereted from zendesk. Do I need to base64 the secret before creating the JWT or i should use it as it is?

public class JwtTokenService
    {
        public string Secret { get; }

        public JwtTokenService(string secret)
        {
            Secret = secret;
        }
        
        public string Create()
        {
            var headers = new Dictionary<string, object> {
                { "typ", "JWT" },
                { "kid", "app_62b5e0ffca5a3800f0225c53" }
            };

            var payload = new Dictionary<string, object> {
                { "external_id", "12316542344" },
                { "email", "janes@soap.com" },
                { "exp", "12345678" },
                { "name", "Jane Soaps" },
                { "scope", "user" }
            };
            
            var alg = new HMACSHA256Algorithm();
            
            IJsonSerializer serializer = new JsonNetSerializer();
            IBase64UrlEncoder urlEncoder = new JwtBase64UrlEncoder();
            IJwtEncoder encoder = new JwtEncoder(alg, serializer, urlEncoder); 
            return encoder.Encode(headers, payload, Secret);
        }
    }

In my web page I use the web widget sniped from copied from zendesk and I call the login.

<body>

<script id="ze-snippet" src="https://static.zdassets.com/ekr/snippet.js?key=....."> </script>

<script type="text/javascript">

  var jwt = "<%= SessionContext.Current.Jwt %>";

  zE('messenger', 'loginUser', function (callback) {
    callback(jwt);
  });

---

var jwt = "eyJ0eXAiOiJKV1QiLCJraWQiOiJhcHBfNjJiNWUwZmZjYTVhMzgwMGYwMjI1YzUzIiwiYWxnIjoiSFMyNTYifQ.eyJleHRlcm5hbF9pZCI6IjEyMzE2NTQyMzQ0IiwiZW1haWwiOiJqYW5lc0Bzb2FwLmNvbSIsImV4cCI6IjEyMzQ1Njc4IiwibmFtZSI6IkphbmUgU29hcHMiLCJzY29wZSI6InVzZXIifQ.ShaKIlanfmUoRqDpEvUEJkyJr6rdY9sUf1YckVAmddQ";
  
  zE('messenger', 'loginUser', function (callback) {
    callback(jwt);
  });

 

I have tested my JWT value in https://jwt.io/ and the JWT look good and the validation is ok.

 

I'm not sure what is the problem and where to look for any cues.

---

"eyJ0eXAiOiJKV1QiLCJraWQiOiJhcHBfNjJiNWUwZmZjYTVhMzgwMGYwMjI1YzUzIiwiYWxnIjoiSFMyNTYifQ.eyJleHRlcm5hbF9pZCI6IjEyMzE2NTQyMzQ0IiwiZW1haWwiOiJqYW5lc0Bzb2FwLmNvbSIsImV4cCI6IjEyMzQ1Njc4IiwibmFtZSI6IkphbmUgU29hcHMiLCJzY29wZSI6InVzZXIifQ.ShaKIlanfmUoRqDpEvUEJkyJr6rdY9sUf1YckVAmddQ"