OKTA Verifier failed to validate access token for specific authorization server

Questions OAuth/OIDC
,
1

Issuer URL OKTA: ‘https://dev-868765.oktapreview.com/oauth2/ausmz6fx8sjV3W2PX0h7
OKTA Verifier :
const oktaJwtVerifier = new OktaJwtVerifier({
issuer : ‘https://dev-868765.oktapreview.com/oauth2/ausmz6fx8sjV3W2PX0h7/v1/authorize

});

I have the Same issue. Below is my access token
Authorization:Bearer eyJraWQiOiJRWWZqQU4xTFFrWFFLNWdieUpva08zZkJuUzdQdHdzQ1FwQ0Jzd3l5MXBRIiwiYWxnIjoiUlMyNTYifQ.eyJzdWIiOiIwMHVnbmFlbHllODBndjgzMjBoNyIsIm5hbWUiOiJQb3dlciBCaSBVc2VyIiwiZW1haWwiOiJva3RhX3Bvd2VyYmlAZ3V5Y2FycC5jb20iLCJ2ZXIiOjEsImlzcyI6Imh0dHBzOi8vZGV2LTg2ODc2NS5va3RhcHJldmlldy5jb20vb2F1dGgyL2F1c2cxYTZhb2ExRDdpZ1VUMGg3IiwiYXVkIjoiMG9hZzE3YzZ4YU1pUXBnM3UwaDciLCJpYXQiOjE1NjU4ODA0MTMsImV4cCI6MTU2NTg4NDAxMywianRpIjoiSUQuT0pILWhVZEpTWVN4bzdFUlpMMWRSRFRYb0xIQllZVXRuYTZmYXEyNWRNcyIsImFtciI6WyJwd2QiXSwiaWRwIjoiMDBvZGZtM2Z2aXByWWVkd00waDciLCJub25jZSI6ImpnUDJqWXhWQ0xQRGdKRER3aTJ3ZFFzNWI2RkdXSlpsa01nYUpCOU1nMlUxRG9rQjNXVUl5UEFWckUxSW5aR1kiLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJva3RhX3Bvd2VyYmlAZ3V5Y2FycC5jb20iLCJhdXRoX3RpbWUiOjE1NjU4ODA0MTIsImF0X2hhc2giOiItNWwxa0FVWU1wWnZGZ052c09OMm1BIn0.FwwsprtYNkPF3nEan3u8x_JB2TjPtHgOSRZWLUnROSUMHOqKSaE26nhwYbegeOo5AywW3ynUG0KrUkCwGRAi6weld-xV4w-P6289EIgMhUBbVEr22zq5SL-kw_ZJZb-t5jIri9kwANSW4WIzJuC3pkFaZm1g2rI41VjyRjh7lwGjD8R4XwFesJrKI9IjLina9Ysbcso562lkvAwDJ9-ktEjwhutbylMuihnfMU5hXzPlk4vY3CuZSH-pSH-ow-j9TWz_Lpow6XLXa-nqJQ0c87_dShLrjGhG4yLvsohh8eP2tIYp0MW7fzsp5jpZ1_nrqBD9SOBudkv17QAI19FYqg

const OktaJwtVerifier = require(‘@okta/jwt-verifier’);
Error :
{
“name”: “JwtParseError”,
“userMessage”: “Error while resolving signing key for kid "QYfjAN1LQkXQK5gbyJokO3fBnS7PtwsCQpCBswyy1pQ"”,
“message”: “Error while resolving signing key for kid "QYfjAN1LQkXQK5gbyJokO3fBnS7PtwsCQpCBswyy1pQ"”,

Please response me, if any correction needed. it was working fine last 4 months before.

2

You should use https://dev-868765.oktapreview.com/oauth2/ausmz6fx8sjV3W2PX0h7 as the issuer value in the declaration of the jwt verifier.
Appending /v1/authorize is causing the verification to fail.

You can see all the endpoints supported by the authorization server here - https://dev-868765.oktapreview.com/oauth2/ausmz6fx8sjV3W2PX0h7/.well-known/openid-configuration

3

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.