Hi, I'm trying to integrate with the AWS HTTP API ...
# support-questions-legacy
d
Hi, I'm trying to integrate with the AWS HTTP API Gateway built-in JWT authentication and am receiving the following error: Bearer scope="" error="invalid_token" error_description="no "kid" provided in the JWT" Is there a way to add this? I tried adding it like the example mentions to add the Audience but then it's in the userData instead of, I assume, the outer payload.
When setting up the authorizer, I put in my issuer url and it validates, so I'd expect them to look at the .well-known file but they don't seem to do that.
I'm currently grabbing the JWT from the sAccessToken cookie, so I'll try to grab it programmatically instead to see if it's somehow different.
r
no i think thats correct. Can you please paste the JWT here so i can see the claims?
d
Copy code
eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsInZlcnNpb24iOiIyIn0=.eyJzZXNzaW9uSGFuZGxlIjoiZjE2MjAyMGItMDZhMC00MzMxLTg4ZDgtN2E0MzJjMzYxMzgwIiwidXNlcklkIjoiOTJkMjY5MjMtYTkwYy00MTQ1LTgyMzAtNGVhOTg1NzJkODdhIiwicmVmcmVzaFRva2VuSGFzaDEiOiI4NjM0YTg3MGE3Y2ZmMjMwZTk1YTBmNGQ1MzcxMTcyNTZlNDE0OTUzMTI0MGRjNDk0NzE5ZTRjMWVmYTllOGUzIiwicGFyZW50UmVmcmVzaFRva2VuSGFzaDEiOm51bGwsInVzZXJEYXRhIjp7ImF1ZCI6Imp3dEF1dGhvcml6ZXJzIiwia2lkIjoiM2IwNmY0NGEtM2JlZC00YzUzLTk5YmItNTkwZjVmMjIzYjgxIiwiand0IjoiZXlKcmFXUWlPaUl6WWpBMlpqUTBZUzB6WW1Wa0xUUmpOVE10T1RsaVlpMDFPVEJtTldZeU1qTmlPREVpTENKMGVYQWlPaUpLVjFRaUxDSmhiR2NpT2lKU1V6STFOaUo5LmV5SnpkV0lpT2lJNU1tUXlOamt5TXkxaE9UQmpMVFF4TkRVdE9ESXpNQzAwWldFNU9EVTNNbVE0TjJFaUxDSmhkV1FpT2lKcWQzUkJkWFJvYjNKcGVtVnljeUlzSW10cFpDSTZJak5pTURabU5EUmhMVE5pWldRdE5HTTFNeTA1T1dKaUxUVTVNR1kxWmpJeU0ySTRNU0lzSW1semN5STZJbWgwZEhCek9pOHZOVEV3TlMweE16VXRNVE0wTFRJd05TMHlNemN1Ym1keWIyc3VhVzh2WVhCcEwyRjFkR2dpTENKbGVIQWlPakUyTnpNME1qVXdNamtzSW1saGRDSTZNVFkzTXpReU1UTTVPSDAuYkRDNElMX0xpRHBWVGVpWmNJby1vMExCS1dXam1GcXQwWEs0VGp0X01KcUFCd3JLUEEzQjAwOFkxOV9sZU1xN3g4LWkzN3VmRS15Q180SjVKQ1lIckhuQUZCV2lwdHptTkxPbUlJUW1MaHhMQVByRjd1Qjljam5wWWgyOXh4TkRVLWgtSl84ZXNpOEtZRE54NDJ5M1BPOWtPdnpTSDRwaDA1cDhHUUdQWTd2eGl1eGVTNWRrZEVwQmY4S3VGYmhDOE1LTnAtbDlrenNDeXl2Z2tYRGtqQnhTaFp1b3NVam5BbnhpMzNLMjhWNTN2blMtQTdKdG03UHltN3VCZnlzR19SemdiQUNINzQydmswWFotZkZISEUtampoZHRnbklaQk9qRC1kbVduV0M0aWMtdmgwWGFOc2diUk0xVzFQaVljTHN3TGdPM0RZX3VQeGRJV1Q3NDBnIiwiX2p3dFBOYW1lIjoiand0In0sImFudGlDc3JmVG9rZW4iOm51bGwsImV4cGlyeVRpbWUiOjE2NzM0MjQ5OTgyNTUsInRpbWVDcmVhdGVkIjoxNjczNDIxMzk4MjU1LCJsbXJ0IjoxNjczNDIxMzk4MjU1fQ==.O4LYggsFbp6VLaYSvoYnlNKOcNutC2rOhkc77r/iH2SFDn9k8LGW0/oVKr6oUQwSJLM2rq6FYMPMdcTzbPTp/2o1tXTU9kmJHZzmr29mOsNxqbSRrylGvpvxx9+4nsi7psqjlyvictw+0PrK5WGj86Y09byjyi9PwONh9NWjz3u62Cyuifi3bAly6mToFlba0oypURpz/ccejn0eXVzn75km7M1DHDNgRhU2gEx61Jg4ZwJSB3Sd7mdazOQhExnuaEuBZFMWQGis1NeVZTlkOZlUK+ioFdIBCU6sLJNQ6ya9xUx+/TELXJpSv/jr33QkiVfr7kzb3+LQaOBV3z39ew==
r
right. So this is the sAccessToken. On the frontend code, you can get the JWT from this (see our docs) and in the JWT, there is a
kid
field in the header
d
I"m a dumb-dumb 🙂
just saw that -- thanks!
r
awesome :))
12 Views