OKta JWT verifier is

I am tried to protect my API on express.js. When I sent get request to protected api I got an error JWT cannot pe parsed. what i should do? I used access token from okta App Security ā†’ API

JWT verifiers are for verifying OIDC/OAuth Access and ID token issues by Okta Authorization Servers.

You only mention going to the Security ā†’ API section, but it is not possible to generate these tokens in the UI, so Iā€™m not positive what your reproduction steps are.

How are you currently generating this token? Are you completing an OIDC/OAuth flow?

1 Like

Thank you for responsing me. let me clarify my question. I was log in using normal okta login sdk. after that i got sessionToken. when i send request first i should verify the token. but i have sessionToken. that is why it says JWT malformed. so how to generate session token from access token? thank you

You need to exchange the sessionToken for an Okta session, which you can do in an OIDC flow by including the sessionToken query parameter in your /authorize request (to log the user into the target OIDC application), as described here: Work with Okta session cookies | Okta Developer

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.