Receive error 401 unauthorized when login with web widget

13 Commentaires

  • ViJump Support

    I am having the same issue.

    Any help?

    2
  • Dane Wheeler

    Check that your token is not expired. The "exp" field is specified in seconds since the UNIX epoch, so a token with exp = 12345678 expired sometime around February 1971. In TypeScript with the jsonwebtoken library, you could do something like:

    import jwt, { SignOptions } from "jsonwebtoken";
    const header = {
    alg:"HS256",
    typ:"JWT",
    kid:zenDeskKid,
    };

    const options: SignOptions = {
    header,
    expiresIn: 60 * 60 * 6, // <-- this will convert to UNIX epoch time
    };

    const payload = {
    scope:"user",
    name: ...,
    email: ... ,
    external_id: ...,
    };

    var token = jwt.sign(payload, zenDeskSecret, options);
    0
  • Manuel Moreira

    Also having a similar issue but mine says "JWT is malformed". Checked the timestamp in mine because of the reply above, but it's correct, like the rest of the JWT seems to be. 

    1
  • Dane Wheeler

    Manuel Moreira did you try parsing your JWT and confirming it is properly formed? Try copy/pasting your JWT into https://jwt.io to make sure it is valid.

    0
  • Manuel Moreira

    Dane Wheeler I have and yes it is valid

    1
  • Dane Wheeler

    Manuel Moreira this sounds like a different issue than an expired JWT. For reference, below is what a working JWT looks like for my app. Perhaps you can compare yours to it to confirm you have the right header, field names, and data types.

    0
  • Manuel Moreira

    Dane Wheeler it looks just like mine, so I have no idea what it could be

    1
  • Anastasiia Kalugina

    I have the same problem. All as in Zendesk docs and JSON Web Tokens - jwt.io shows that all is correct.

    1
  • Manuel Moreira

    Anastasiia Kalugina check if you are sending the token with quotation marks.it should not be sent with quotes

    0
  • Anastasiia Kalugina

    Hi Manuel Moreira,

    Thanks for you response.
    What do you mean "with quotes"?

    For example, in JavaScript I have:

    const token = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImFwcF82NDRhMjMwYWRhZDg4MjliMWM1NmQ0ZjgifQ.eyJleHRlcm5hbF9pZCI6MSwic2NvcGUiOiJ1c2VyIiwiaWF0IjoxNjgyNTg3NzA5fQ.ICzTP9maSQQVX0xjEPyzou8IjAzhkPIqDLdkgZ3Q98Q'

    And I use it as argument in window.zE('messenger', 'loginUser', function(callback) {
        callback(token);
    })


    1
  • Anastasiia Kalugina

    Anyone experiencing a similar problem, please read this article Enabling authenticated visitors in Web Widget (Classic) – Zendesk help. I have found that the messaging widget has similar features. Expiration time of token must be within 7 minutes and you should rotate it before its expiration time.

    1
  • ahsanu amala

    hey any update on this, find same issues, will zendesk official give help here?

     

    0
  • Tipene Hughes
    Zendesk Developer Advocacy

    Hey, ahsanu amala!

    Can you send through an example of the headers and payload you're using to generate generate the JWT? Be sure to redact any sensitive information.

    Can you also confirm that the shared_secret and KID you're using are accurate, and being passed correctly (KID in headers, shared_secret in jwt.sign method payload if you're using JS)

    0

Vous devez vous connecter pour laisser un commentaire.

Réalisé par Zendesk