8:28 a.m.
Hi,
We have migrated from keycloak 1.9 to 3.2 recently and we have our app
deployed in wildfly 10. The keycloak.json file is configured with the
bearer only client and we use angular js as front end. We get the below
error while trying to call REST apis with the bearer token.
*2017-10-10 13:20:04,644 ERROR
[org.keycloak.adapters.rotation.AdapterRSATokenVerifier] (default task-3)
Didn't find publicKey for kid: ZYQgZN0Duih0dG81_cNfvZYUDG78bZJ6y3CyVzich88*
*2017-10-10 13:20:04,644 ERROR
[org.keycloak.adapters.BearerTokenRequestAuthenticator] (default task-3)
Failed to verify token: org.keycloak.common.VerificationException: Didn't
find publicKey for specified kid*
* at
org.keycloak.adapters.rotation.AdapterRSATokenVerifier.getPublicKey(AdapterRSATokenVerifier.java:47)*
* at
org.keycloak.adapters.rotation.AdapterRSATokenVerifier.verifyToken(AdapterRSATokenVerifier.java:55)*
* at
org.keycloak.adapters.rotation.AdapterRSATokenVerifier.verifyToken(AdapterRSATokenVerifier.java:37)*
* at
org.keycloak.adapters.BearerTokenRequestAuthenticator.authenticateToken(BearerTokenRequestAuthenticator.java:87)*
* at
org.keycloak.adapters.BearerTokenRequestAuthenticator.authenticate(BearerTokenRequestAuthenticator.java:82)*
* at
org.keycloak.adapters.RequestAuthenticator.authenticate(RequestAuthenticator.java:68)*
Please help in resolving the error.
Regards,
Ganga Lakshmanasamy
<http://www.avg.com/email-signature?utm_medium=email&utm_source=link&a...
Virus-free.
www.avg.com
<http://www.avg.com/email-signature?utm_medium=email&utm_source=link&a...
<#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2>
7:50 a.m.
Don't you have the public key hardcoded in the keycloak.json of your
adapter file? Aka property "realm-public-key" ? It's recommended to
remove it and adapter is supposed to download the public keys from the
Keycloak server once it recognize that publicKey with unknown KID was
sent to it. See our examples, for example:
https://github.com/keycloak/keycloak/blob/master/examples/demo-template/d...
Marek
On 10/10/17 15:28, Ganga Lakshmanasamy wrote:
Hi,
We have migrated from keycloak 1.9 to 3.2 recently and we have our app
deployed in wildfly 10. The keycloak.json file is configured with the
bearer only client and we use angular js as front end. We get the below
error while trying to call REST apis with the bearer token.
*2017-10-10 13:20:04,644 ERROR
[org.keycloak.adapters.rotation.AdapterRSATokenVerifier] (default task-3)
Didn't find publicKey for kid: ZYQgZN0Duih0dG81_cNfvZYUDG78bZJ6y3CyVzich88*
*2017-10-10 13:20:04,644 ERROR
[org.keycloak.adapters.BearerTokenRequestAuthenticator] (default task-3)
Failed to verify token: org.keycloak.common.VerificationException: Didn't
find publicKey for specified kid*
* at
org.keycloak.adapters.rotation.AdapterRSATokenVerifier.getPublicKey(AdapterRSATokenVerifier.java:47)*
* at
org.keycloak.adapters.rotation.AdapterRSATokenVerifier.verifyToken(AdapterRSATokenVerifier.java:55)*
* at
org.keycloak.adapters.rotation.AdapterRSATokenVerifier.verifyToken(AdapterRSATokenVerifier.java:37)*
* at
org.keycloak.adapters.BearerTokenRequestAuthenticator.authenticateToken(BearerTokenRequestAuthenticator.java:87)*
* at
org.keycloak.adapters.BearerTokenRequestAuthenticator.authenticate(BearerTokenRequestAuthenticator.java:82)*
* at
org.keycloak.adapters.RequestAuthenticator.authenticate(RequestAuthenticator.java:68)*
Please help in resolving the error.
Regards,
Ganga Lakshmanasamy
<http://www.avg.com/email-signature?utm_medium=email&utm_source=link&a...
Virus-free.
www.avg.com
<http://www.avg.com/email-signature?utm_medium=email&utm_source=link&a...
<#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2>
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
2646
days inactive
2647
days old
1 comments
2 participants
participants (2)
-
Ganga Lakshmanasamy -
Marek Posolda