Undocumented error when requesting a token
Answered
I am following this document, but making the request in bash:
https://developer.box.com/guides/authentication/jwt/without-sdk/
The error I receive is:
{"error":"invalid_grant","error_description":"Empty algorithm"}
This error is not documented ( I looked here - https://developer.box.com/guides/api-calls/permissions-and-errors/common-errors/)
Here is my bash script, which generates the assertion and make the request to get the access token:
Please help.
-
my gut feeling is that the JWT header is lacking a value for "alg" but you seem to be setting one. Can you do a check and log the complete header before you encode the JWT? My guess is the header algorithm is empty.
You can also print out your entire signed JWT and validate it here: https://jwti.io
-
I checked in jwt.io.
The header and payload decode fine, and the header shows:
{ "algorithm": "RS512", "keyid": "Public_Key_Id" }It is the signature that is failing, I am just not sure why.
Am I signing as follows
sha256_sign() { declare input=${1:-$(I am not concerned with the base64_encode function, since the JWT decodes fine.
-
I think I found the error.
I set the header key as algorithm in stead of alg.
The reason I did this, is because this is the key in the box docs - https://developer.box.com/guides/authentication/jwt/without-sdk/
I assume the SDKs convert to the correct key.
Please sign in to leave a comment.
Comments
3 comments