https://supertokens.com/ logo
Channels
bot-training
community
contributing
general
github-activity
info
introductions
new-releases
random
security
support-questions
welcome-0xdelusion
welcome-aj-ya
welcome-aleksandrc
welcome-alpinjs
welcome-amberlamps1
welcome-andrew-rodriguez
welcome-ankit-choudhary
welcome-anthony-stod-custodio
welcome-call-in
welcome-chwalbox
welcome-claybiokiller
welcome-co7e
welcome-cosmoecwsa
welcome-devdag
welcome-dinso
welcome-drebotelho
welcome-elio
welcome-ernest
welcome-foxbarrington
welcome-fromscratch
welcome-galto4ir
welcome-goetzum
welcome-hay-kot
welcome-himanshu-kukreja
welcome-hossambarakat
welcome-ichikawakazuto
welcome-jahir9991
welcome-jamesl
welcome-jerry123424
welcome-john-oliver
welcome-jonas-alexanderson
welcome-jxyz
welcome-kelvinwop
welcome-kraz
welcome-lancekey
welcome-leoo
welcome-lukeacollins
welcome-m-j-mon
welcome-malik-khoja
welcome-marco
welcome-mardadi
welcome-meshguy
welcome-metamorph
welcome-mike-tectu
welcome-mirzok
welcome-mozomig
welcome-naberyou66_
welcome-nacer
welcome-namratha
welcome-naveenkumar
welcome-nightlight
welcome-nischith
welcome-notankit
welcome-olawumi
welcome-pavan-kumar-reddy-n
welcome-pineappaul
welcome-poothebear
welcome-rick
welcome-samuel-qosenergy
welcome-samuelstroschein
welcome-shubhamgoel23
welcome-shubhamkaushal
welcome-sidebar
welcome-surajsli
welcome-suyash_
welcome-syntaxerror
welcome-tauno
welcome-tawnoz
welcome-teclali
welcome-tls
welcome-turbosepp
welcome-vikram_shadow
Powered by
Title
d

Davido

01/11/2023, 7:20 AM
Hi, I'm trying to integrate with the AWS HTTP API Gateway built-in JWT authentication and am receiving the following error: Bearer scope="" error="invalid_token" error_description="no "kid" provided in the JWT" Is there a way to add this? I tried adding it like the example mentions to add the Audience but then it's in the userData instead of, I assume, the outer payload.
When setting up the authorizer, I put in my issuer url and it validates, so I'd expect them to look at the .well-known file but they don't seem to do that.
here is their spec: https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-jwt-authorizer.html?icmpid=apigateway_console_help
I'm currently grabbing the JWT from the sAccessToken cookie, so I'll try to grab it programmatically instead to see if it's somehow different.
r

rp

01/11/2023, 7:32 AM
no i think thats correct. Can you please paste the JWT here so i can see the claims?
d

Davido

01/11/2023, 2:44 PM
eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsInZlcnNpb24iOiIyIn0=.eyJzZXNzaW9uSGFuZGxlIjoiZjE2MjAyMGItMDZhMC00MzMxLTg4ZDgtN2E0MzJjMzYxMzgwIiwidXNlcklkIjoiOTJkMjY5MjMtYTkwYy00MTQ1LTgyMzAtNGVhOTg1NzJkODdhIiwicmVmcmVzaFRva2VuSGFzaDEiOiI4NjM0YTg3MGE3Y2ZmMjMwZTk1YTBmNGQ1MzcxMTcyNTZlNDE0OTUzMTI0MGRjNDk0NzE5ZTRjMWVmYTllOGUzIiwicGFyZW50UmVmcmVzaFRva2VuSGFzaDEiOm51bGwsInVzZXJEYXRhIjp7ImF1ZCI6Imp3dEF1dGhvcml6ZXJzIiwia2lkIjoiM2IwNmY0NGEtM2JlZC00YzUzLTk5YmItNTkwZjVmMjIzYjgxIiwiand0IjoiZXlKcmFXUWlPaUl6WWpBMlpqUTBZUzB6WW1Wa0xUUmpOVE10T1RsaVlpMDFPVEJtTldZeU1qTmlPREVpTENKMGVYQWlPaUpLVjFRaUxDSmhiR2NpT2lKU1V6STFOaUo5LmV5SnpkV0lpT2lJNU1tUXlOamt5TXkxaE9UQmpMVFF4TkRVdE9ESXpNQzAwWldFNU9EVTNNbVE0TjJFaUxDSmhkV1FpT2lKcWQzUkJkWFJvYjNKcGVtVnljeUlzSW10cFpDSTZJak5pTURabU5EUmhMVE5pWldRdE5HTTFNeTA1T1dKaUxUVTVNR1kxWmpJeU0ySTRNU0lzSW1semN5STZJbWgwZEhCek9pOHZOVEV3TlMweE16VXRNVE0wTFRJd05TMHlNemN1Ym1keWIyc3VhVzh2WVhCcEwyRjFkR2dpTENKbGVIQWlPakUyTnpNME1qVXdNamtzSW1saGRDSTZNVFkzTXpReU1UTTVPSDAuYkRDNElMX0xpRHBWVGVpWmNJby1vMExCS1dXam1GcXQwWEs0VGp0X01KcUFCd3JLUEEzQjAwOFkxOV9sZU1xN3g4LWkzN3VmRS15Q180SjVKQ1lIckhuQUZCV2lwdHptTkxPbUlJUW1MaHhMQVByRjd1Qjljam5wWWgyOXh4TkRVLWgtSl84ZXNpOEtZRE54NDJ5M1BPOWtPdnpTSDRwaDA1cDhHUUdQWTd2eGl1eGVTNWRrZEVwQmY4S3VGYmhDOE1LTnAtbDlrenNDeXl2Z2tYRGtqQnhTaFp1b3NVam5BbnhpMzNLMjhWNTN2blMtQTdKdG03UHltN3VCZnlzR19SemdiQUNINzQydmswWFotZkZISEUtampoZHRnbklaQk9qRC1kbVduV0M0aWMtdmgwWGFOc2diUk0xVzFQaVljTHN3TGdPM0RZX3VQeGRJV1Q3NDBnIiwiX2p3dFBOYW1lIjoiand0In0sImFudGlDc3JmVG9rZW4iOm51bGwsImV4cGlyeVRpbWUiOjE2NzM0MjQ5OTgyNTUsInRpbWVDcmVhdGVkIjoxNjczNDIxMzk4MjU1LCJsbXJ0IjoxNjczNDIxMzk4MjU1fQ==.O4LYggsFbp6VLaYSvoYnlNKOcNutC2rOhkc77r/iH2SFDn9k8LGW0/oVKr6oUQwSJLM2rq6FYMPMdcTzbPTp/2o1tXTU9kmJHZzmr29mOsNxqbSRrylGvpvxx9+4nsi7psqjlyvictw+0PrK5WGj86Y09byjyi9PwONh9NWjz3u62Cyuifi3bAly6mToFlba0oypURpz/ccejn0eXVzn75km7M1DHDNgRhU2gEx61Jg4ZwJSB3Sd7mdazOQhExnuaEuBZFMWQGis1NeVZTlkOZlUK+ioFdIBCU6sLJNQ6ya9xUx+/TELXJpSv/jr33QkiVfr7kzb3+LQaOBV3z39ew==
r

rp

01/11/2023, 2:45 PM
right. So this is the sAccessToken. On the frontend code, you can get the JWT from this (see our docs) and in the JWT, there is a 
kid
field in the header
d

Davido

01/11/2023, 2:45 PM
I"m a dumb-dumb 🙂
just saw that -- thanks!
r

rp

01/11/2023, 2:45 PM
awesome :))
#support-questionsJoin Discord
Powered by