Davido

01/11/2023, 7:20 AM
Hi, I'm trying to integrate with the AWS HTTP API Gateway built-in JWT authentication and am receiving the following error: Bearer scope="" error="invalid_token" error_description="no "kid" provided in the JWT". Is there a way to add this? I tried adding it like the example mentions to add the Audience, but then it's in the userData instead of, I assume, the outer payload.
When setting up the authorizer, I put in my issuer URL and it validates, so I'd expect them to look at the .well-known file, but they don't seem to do that.
I'm currently grabbing the JWT from the sAccessToken cookie, so I'll try to grab it programmatically instead to see if it's somehow different.

rp

01/11/2023, 7:32 AM
No, I think that's correct. Can you please paste the JWT here so I can see the claims?

Davido

01/11/2023, 2:44 PM
eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsInZlcnNpb24iOiIyIn0=.eyJzZXNzaW9uSGFuZGxlIjoiZjE2MjAyMGItMDZhMC00MzMxLTg4ZDgtN2E0MzJjMzYxMzgwIiwidXNlcklkIjoiOTJkMjY5MjMtYTkwYy00MTQ1LTgyMzAtNGVhOTg1NzJkODdhIiwicmVmcmVzaFRva2VuSGFzaDEiOiI4NjM0YTg3MGE3Y2ZmMjMwZTk1YTBmNGQ1MzcxMTcyNTZlNDE0OTUzMTI0MGRjNDk0NzE5ZTRjMWVmYTllOGUzIiwicGFyZW50UmVmcmVzaFRva2VuSGFzaDEiOm51bGwsInVzZXJEYXRhIjp7ImF1ZCI6Imp3dEF1dGhvcml6ZXJzIiwia2lkIjoiM2IwNmY0NGEtM2JlZC00YzUzLTk5YmItNTkwZjVmMjIzYjgxIiwiand0IjoiZXlKcmFXUWlPaUl6WWpBMlpqUTBZUzB6WW1Wa0xUUmpOVE10T1RsaVlpMDFPVEJtTldZeU1qTmlPREVpTENKMGVYQWlPaUpLVjFRaUxDSmhiR2NpT2lKU1V6STFOaUo5LmV5SnpkV0lpT2lJNU1tUXlOamt5TXkxaE9UQmpMVFF4TkRVdE9ESXpNQzAwWldFNU9EVTNNbVE0TjJFaUxDSmhkV1FpT2lKcWQzUkJkWFJvYjNKcGVtVnljeUlzSW10cFpDSTZJak5pTURabU5EUmhMVE5pWldRdE5HTTFNeTA1T1dKaUxUVTVNR1kxWmpJeU0ySTRNU0lzSW1semN5STZJbWgwZEhCek9pOHZOVEV3TlMweE16VXRNVE0wTFRJd05TMHlNemN1Ym1keWIyc3VhVzh2WVhCcEwyRjFkR2dpTENKbGVIQWlPakUyTnpNME1qVXdNamtzSW1saGRDSTZNVFkzTXpReU1UTTVPSDAuYkRDNElMX0xpRHBWVGVpWmNJby1vMExCS1dXam1GcXQwWEs0VGp0X01KcUFCd3JLUEEzQjAwOFkxOV9sZU1xN3g4LWkzN3VmRS15Q180SjVKQ1lIckhuQUZCV2lwdHptTkxPbUlJUW1MaHhMQVByRjd1Qjljam5wWWgyOXh4TkRVLWgtSl84ZXNpOEtZRE54NDJ5M1BPOWtPdnpTSDRwaDA1cDhHUUdQWTd2eGl1eGVTNWRrZEVwQmY4S3VGYmhDOE1LTnAtbDlrenNDeXl2Z2tYRGtqQnhTaFp1b3NVam5BbnhpMzNLMjhWNTN2blMtQTdKdG03UHltN3VCZnlzR19SemdiQUNINzQydmswWFotZkZISEUtampoZHRnbklaQk9qRC1kbVduV0M0aWMtdmgwWGFOc2diUk0xVzFQaVljTHN3TGdPM0RZX3VQeGRJV1Q3NDBnIiwiX2p3dFBOYW1lIjoiand0In0sImFudGlDc3JmVG9rZW4iOm51bGwsImV4cGlyeVRpbWUiOjE2NzM0MjQ5OTgyNTUsInRpbWVDcmVhdGVkIjoxNjczNDIxMzk4MjU1LCJsbXJ0IjoxNjczNDIxMzk4MjU1fQ==.O4LYggsFbp6VLaYSvoYnlNKOcNutC2rOhkc77r/iH2SFDn9k8LGW0/oVKr6oUQwSJLM2rq6FYMPMdcTzbPTp/2o1tXTU9kmJHZzmr29mOsNxqbSRrylGvpvxx9+4nsi7psqjlyvictw+0PrK5WGj86Y09byjyi9PwONh9NWjz3u62Cyuifi3bAly6mToFlba0oypURpz/ccejn0eXVzn75km7M1DHDNgRhU2gEx61Jg4ZwJSB3Sd7mdazOQhExnuaEuBZFMWQGis1NeVZTlkOZlUK+ioFdIBCU6sLJNQ6ya9xUx+/TELXJpSv/jr33QkiVfr7kzb3+LQaOBV3z39ew==

rp

01/11/2023, 2:45 PM
Right. So this is the sAccessToken. On the frontend code, you can get the JWT from this (see our docs) and in the JWT, there is a kid field in the header.

Davido

01/11/2023, 2:45 PM
I'm a dumb-dumb 🙂
Just saw that -- thanks!

rp

01/11/2023, 2:45 PM
awesome :))