[Apiman-user] Invalid token signature

Tim Dudgeon tdudgeon.ml at gmail.com
Tue Oct 13 06:20:31 EDT 2015


I tracked it down eventually - I had OAuth authentication at 2 places in 
the chain, which seems to be the cause of the error.

Tim

On 13/10/2015 11:04, Tim Dudgeon wrote:
> Hi, I'm trying to access a service through an application and plan, 
> using OAuth authentication at the application level and authorization 
> at the service level (requiring a role assigned to the user during 
> authentication).
> I thought I had it all set up correctly, but am getting an Invalid 
> token signature error.
>
> I generate access token like this:
>
> $ curl -X POST http://192.168.59.103:8080/auth/realms/Organization1/protocol/openid-connect/token \
>     -H "Content-Type: application/x-www-form-urlencoded" \
>     -d 'username=user1' -d 'password=user1' -d 'grant_type=password' \
>     -d 'client_id=app1' -s | jq -r '.access_token'
>
> and get an access token like this:
>
> eyJhb<snip>
>
> Then try to access the service like this:
>
> $ curl -k -H "Authorization: Bearer eyJhb<snip>" -H "X-API-Key: bb9eb966-<snip>" -s \
>     https://192.168.59.103:8443/apiman-gateway/Organization2/echo/1.5/
>
> And I get this error:
>
> {"type":"Authentication","failureCode":11004,"responseCode":401,"message":"Invalid token signature.","headers":{}}
>
>
> Any ideas what the Invalid token signature error relates to?
>
> Thanks
> Tim
>


