• Home
  • Categories
  • Recent
  • Popular
  • Pricing
  • Contact us
  • Docs
  • Login
FusionAuth
  • Home
  • Categories
  • Recent
  • Popular
  • Pricing
  • Contact us
  • Docs
  • Login

Jwks doesn't have key to match kid or alg from JWT (client credentials token)

Scheduled Pinned Locked Moved
General Discussion
jwks jwt keys client creds
1
2
5.6k
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • V
    vlad.koshkarov
    last edited by 18 Aug 2022, 18:58

    Good day FusionAuth Team!

    I followed the instructions to configure and test OAuth Client Credentials Grant with Entities [https://fusionauth.io/docs/v1/tech/oauth/#example-client-credentials-grant], but the JWT access token that was produced has a kid that is not in our JWKS endpoint (/.well-known/jwks.json), therefore we can't pass authentication in our system.

    On the same tenant, when a user logs in with the Authorization Code Grant Flow with PKCE, the key is signed with the kid that is in the JWKS endpoint (/.well-known/jwks.json). So everything works fine.

    Am I missing something here?

    Thank you.

    V 1 Reply Last reply 19 Aug 2022, 00:13 Reply Quote 0
    • V
      vlad.koshkarov @vlad.koshkarov
      last edited by 19 Aug 2022, 00:13

      The tenant is using the "Default signing key (HS256)" for the access token.

      1 Reply Last reply Reply Quote 0
      • V vlad.koshkarov deleted this topic on 19 Aug 2022, 19:37
      • J johnathon restored this topic on 23 Aug 2022, 22:42
      2 out of 2
      • First post
        2/2
        Last post