Our setup:
We create two application in okta dashboard each for below applications
- one android app
- one microservice (We are using Okta JWT Verifier for Java to verify access token jwt)
Question:
We are passing access token in the header to the resource API (GET, POST etc. requests).
- When we generate access token directly by hitting okta’s oauth endpoint and pass it along to the header we did not get any error.
- But when we pass from access token from the app we get exception
A signing key must be specified if the specified JWT is digitally signed ?