I have secured an API using okta. In order to call the API one need to generated the Bearer token and call the API. These all things are working fine in my local…
But when I deployed this secured API service in PCF , and calling this secured Api from local (passing bearer token in header) its resulting in an error.
Bearer error=“invalid_token”, error_description=“An error occurred while attempting to decode the Jwt: Invalid token”
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/").permitAll()
.and()
.authorizeRequests()
.antMatchers("/v1/delivery/scan/RRScan").authenticated();
http.cors();
Okta.configureResourceServer401ResponseBody(http);
}
}
okta:
oauth2:
issuer: https://abc-test.oktapreview.com/oauth2/auszapgul6HdbqJXA0h7
audience: APP6934