Hi, I'm trying to integrate with the AWS HTTP API ...
# support-questions-legacyd
davido_k
01/11/2023, 7:20 AMHi, I'm trying to integrate with the AWS HTTP API Gateway built-in JWT authentication and am receiving the following error:
Bearer scope="" error="invalid_token" error_description="no "kid" provided in the JWT"
Is there a way to add this? I tried adding it like the example mentions to add the Audience but then it's in the userData instead of, I assume, the outer payload.
davido_k
01/11/2023, 7:22 AMWhen setting up the authorizer, I put in my issuer url and it validates, so I'd expect them to look at the .well-known file but they don't seem to do that.
davido_k
01/11/2023, 7:22 AMdavido_k
01/11/2023, 7:25 AMI'm currently grabbing the JWT from the sAccessToken cookie, so I'll try to grab it programmatically instead to see if it's somehow different.
r
rp_st
01/11/2023, 7:32 AMno i think thats correct. Can you please paste the JWT here so i can see the claims?
d
davido_k
01/11/2023, 2:44 PM Copy code
eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsInZlcnNpb24iOiIyIn0=.eyJzZXNzaW9uSGFuZGxlIjoiZjE2MjAyMGItMDZhMC00MzMxLTg4ZDgtN2E0MzJjMzYxMzgwIiwidXNlcklkIjoiOTJkMjY5MjMtYTkwYy00MTQ1LTgyMzAtNGVhOTg1NzJkODdhIiwicmVmcmVzaFRva2VuSGFzaDEiOiI4NjM0YTg3MGE3Y2ZmMjMwZTk1YTBmNGQ1MzcxMTcyNTZlNDE0OTUzMTI0MGRjNDk0NzE5ZTRjMWVmYTllOGUzIiwicGFyZW50UmVmcmVzaFRva2VuSGFzaDEiOm51bGwsInVzZXJEYXRhIjp7ImF1ZCI6Imp3dEF1dGhvcml6ZXJzIiwia2lkIjoiM2IwNmY0NGEtM2JlZC00YzUzLTk5YmItNTkwZjVmMjIzYjgxIiwiand0IjoiZXlKcmFXUWlPaUl6WWpBMlpqUTBZUzB6WW1Wa0xUUmpOVE10T1RsaVlpMDFPVEJtTldZeU1qTmlPREVpTENKMGVYQWlPaUpLVjFRaUxDSmhiR2NpT2lKU1V6STFOaUo5LmV5SnpkV0lpT2lJNU1tUXlOamt5TXkxaE9UQmpMVFF4TkRVdE9ESXpNQzAwWldFNU9EVTNNbVE0TjJFaUxDSmhkV1FpT2lKcWQzUkJkWFJvYjNKcGVtVnljeUlzSW10cFpDSTZJak5pTURabU5EUmhMVE5pWldRdE5HTTFNeTA1T1dKaUxUVTVNR1kxWmpJeU0ySTRNU0lzSW1semN5STZJbWgwZEhCek9pOHZOVEV3TlMweE16VXRNVE0wTFRJd05TMHlNemN1Ym1keWIyc3VhVzh2WVhCcEwyRjFkR2dpTENKbGVIQWlPakUyTnpNME1qVXdNamtzSW1saGRDSTZNVFkzTXpReU1UTTVPSDAuYkRDNElMX0xpRHBWVGVpWmNJby1vMExCS1dXam1GcXQwWEs0VGp0X01KcUFCd3JLUEEzQjAwOFkxOV9sZU1xN3g4LWkzN3VmRS15Q180SjVKQ1lIckhuQUZCV2lwdHptTkxPbUlJUW1MaHhMQVByRjd1Qjljam5wWWgyOXh4TkRVLWgtSl84ZXNpOEtZRE54NDJ5M1BPOWtPdnpTSDRwaDA1cDhHUUdQWTd2eGl1eGVTNWRrZEVwQmY4S3VGYmhDOE1LTnAtbDlrenNDeXl2Z2tYRGtqQnhTaFp1b3NVam5BbnhpMzNLMjhWNTN2blMtQTdKdG03UHltN3VCZnlzR19SemdiQUNINzQydmswWFotZkZISEUtampoZHRnbklaQk9qRC1kbVduV0M0aWMtdmgwWGFOc2diUk0xVzFQaVljTHN3TGdPM0RZX3VQeGRJV1Q3NDBnIiwiX2p3dFBOYW1lIjoiand0In0sImFudGlDc3JmVG9rZW4iOm51bGwsImV4cGlyeVRpbWUiOjE2NzM0MjQ5OTgyNTUsInRpbWVDcmVhdGVkIjoxNjczNDIxMzk4MjU1LCJsbXJ0IjoxNjczNDIxMzk4MjU1fQ==.O4LYggsFbp6VLaYSvoYnlNKOcNutC2rOhkc77r/iH2SFDn9k8LGW0/oVKr6oUQwSJLM2rq6FYMPMdcTzbPTp/2o1tXTU9kmJHZzmr29mOsNxqbSRrylGvpvxx9+4nsi7psqjlyvictw+0PrK5WGj86Y09byjyi9PwONh9NWjz3u62Cyuifi3bAly6mToFlba0oypURpz/ccejn0eXVzn75km7M1DHDNgRhU2gEx61Jg4ZwJSB3Sd7mdazOQhExnuaEuBZFMWQGis1NeVZTlkOZlUK+ioFdIBCU6sLJNQ6ya9xUx+/TELXJpSv/jr33QkiVfr7kzb3+LQaOBV3z39ew==r
rp_st
01/11/2023, 2:45 PMright. So this is the sAccessToken. On the frontend code, you can get the JWT from this (see our docs) and in the JWT, there is a
kidd
davido_k
01/11/2023, 2:45 PMI"m a dumb-dumb 🙂
davido_k
01/11/2023, 2:45 PMjust saw that -- thanks!
r
rp_st
01/11/2023, 2:45 PMawesome :))
12 Views