Client Authentication using JWT Token(Pega 8.4)
Hi,
Greetings. I am having a bit of an issue here on how to use JWT as authentication schema within Authentication Profile, there are two options when we select this,
Use JWT generation profile
Use Property reference
I have a Data page at node level with the JWT token and i am referring that as D_PasswordCredentials.pyDescription, please see below
Now, when i use this profile in a Connect Rest, i get
2020-05-06 17:37:13,555 [http-nio-8080-exec-6] [TABTHREAD3] [ ] [ ChorusTA:01.02.01] (client.oauth2.OAuth2ClientImpl) DEBUG localhost| Proprietary information hidden srinivas.b.komarina - Token endpoint invocation results: Status code = 401 Status text = Unauthorized Content type = application/json Content size = 60
Request i can see is as below
Hi,
Greetings. I am having a bit of an issue here on how to use JWT as authentication schema within Authentication Profile, there are two options when we select this,
Use JWT generation profile
Use Property reference
I have a Data page at node level with the JWT token and i am referring that as D_PasswordCredentials.pyDescription, please see below
Now, when i use this profile in a Connect Rest, i get
2020-05-06 17:37:13,555 [http-nio-8080-exec-6] [TABTHREAD3] [ ] [ ChorusTA:01.02.01] (client.oauth2.OAuth2ClientImpl) DEBUG localhost| Proprietary information hidden srinivas.b.komarina - Token endpoint invocation results: Status code = 401 Status text = Unauthorized Content type = application/json Content size = 60
Request i can see is as below
2020-05-06 17:37:13,401 [http-nio-8080-exec-6] [TABTHREAD3] [ ] [ ChorusTA:01.02.01] (client.oauth2.OAuth2ClientImpl) DEBUG localhost| Proprietary information hidden srinivas.b.komarina - Invoking access token endpoint: URL = https://komarina.eu.auth0.com/oauth/token Request data = client_id=lRYY85V0mKls3ncSDh3m8BsADhK3LM1B&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRua2VkMWRxYlJqX2VaYWI3bnd0byJ9.eyJpc3MiOiJodHRwczovL2tvbWFyaW5hLmV1LmF1dGgwLmNvbS8iLCJzdWIiOiJsUllZODVWMG1LbHMzbmNTRGgzbThCc0FEaEszTE0xQkBjbGllbnRzIiwiYXVkIjoiaHR0cHM6Ly9rb21hcmluYS5ldS5hdXRoMC5jb20vYXBpL3YyLyIsImlhdCI6MTU4ODc3ODY2NSwiZXhwIjoxNTg4ODY1MDY1LCJhenAiOiJsUllZODVWMG1LbHMzbmNTRGgzbThCc0FEaEszTE0xQiIsInNjb3BlIjoicmVhZDpjbGllbnRfZ3JhbnRzIGNyZWF0ZTpjbGllbnRfZ3JhbnRzIGRlbGV0ZTpjbGllbnRfZ3JhbnRzIHVwZGF0ZTpjbGllbnRfZ3JhbnRzIHJlYWQ6dXNlcnMgdXBkYXRlOnVzZXJzIGRlbGV0ZTp1c2VycyBjcmVhdGU6dXNlcnMgcmVhZDp1c2Vyc19hcHBfbWV0YWRhdGEgdXBkYXRlOnVzZXJzX2FwcF9tZXRhZGF0YSBkZWxldGU6dXNlcnNfYXBwX21ldGFkYXRhIGNyZWF0ZTp1c2Vyc19hcHBfbWV0YWRhdGEgcmVhZDp1c2VyX2N1c3RvbV9ibG9ja3MgY3JlYXRlOnVzZXJfY3VzdG9tX2Jsb2NrcyBkZWxldGU6dXNlcl9jdXN0b21fYmxvY2tzIGNyZWF0ZTp1c2VyX3RpY2tldHMgcmVhZDpjbGllbnRzIHVwZGF0ZTpjbGllbnRzIGRlbGV0ZTpjbGllbnRzIGNyZWF0ZTpjbGllbnRzIHJlYWQ6Y2xpZW50X2tleXMgdXBkYXRlOmNsaWVudF9rZXlzIGRlbGV0ZTpjbGllbnRfa2V5cyBjcmVhdGU6Y2xpZW50X2tleXMgcmVhZDpjb25uZWN0aW9ucyB1cGRhdGU6Y29ubmVjdGlvbnMgZGVsZXRlOmNvbm5lY3Rpb25zIGNyZWF0ZTpjb25uZWN0aW9ucyByZWFkOnJlc291cmNlX3NlcnZlcnMgdXBkYXRlOnJlc291cmNlX3NlcnZlcnMgZGVsZXRlOnJlc291cmNlX3NlcnZlcnMgY3JlYXRlOnJlc291cmNlX3NlcnZlcnMgcmVhZDpkZXZpY2VfY3JlZGVudGlhbHMgdXBkYXRlOmRldmljZV9jcmVkZW50aWFscyBkZWxldGU6ZGV2aWNlX2NyZWRlbnRpYWxzIGNyZWF0ZTpkZXZpY2VfY3JlZGVudGlhbHMgcmVhZDpydWxlcyB1cGRhdGU6cnVsZXMgZGVsZXRlOnJ1bGVzIGNyZWF0ZTpydWxlcyByZWFkOnJ1bGVzX2NvbmZpZ3MgdXBkYXRlOnJ1bGVzX2NvbmZpZ3MgZGVsZXRlOnJ1bGVzX2NvbmZpZ3MgcmVhZDpob29rcyB1cGRhdGU6aG9va3MgZGVsZXRlOmhvb2tzIGNyZWF0ZTpob29rcyByZWFkOmVtYWlsX3Byb3ZpZGVyIHVwZGF0ZTplbWFpbF9wcm92aWRlciBkZWxldGU6ZW1haWxfcHJvdmlkZXIgY3JlYXRlOmVtYWlsX3Byb3ZpZGVyIGJsYWNrbGlzdDp0b2tlbnMgcmVhZDpzdGF0cyByZWFkOnRlbmFudF9zZXR0aW5ncyB1cGRhdGU6dGVuYW50X3NldHRpbmdzIHJlYWQ6bG9ncyByZWFkOnNoaWVsZHMgY3JlYXRlOnNoaWVsZHMgdXBkYXRlOnNoaWVsZHMgZGVsZXRlOnNoaWVsZHMgcmVhZDphbm9tYWx5X2Jsb2NrcyBkZWxldGU6YW5vbWFseV9ibG9ja3MgdXBkYXRlOnRyaWdnZXJzIHJlYWQ6dHJpZ2dlcnMgcmVhZDpncmFudHMgZGVsZXRlOmdyYW50cyByZWFkOmd1YXJkaWFuX2ZhY3RvcnMgdXBkYXRlOmd1YXJkaWFuX2ZhY3RvcnMgcmVhZDpndWFyZGlhbl9lbnJvbGxtZW50cyBkZWxldGU6Z3VhcmRpYW5fZW5yb2xsbWVudHMgY3JlYXRlOmd1YXJkaWFuX2Vucm9sbG1lbnRfdGlja2V0cyByZWFkOnVzZXJfaWRwX3Rva2VucyBjcmVhdGU6cGFzc3dvcmRzX2NoZWNraW5nX2pvYiBkZWxldGU6cGFzc3dvcmRzX2NoZWNraW5nX2pvYiByZWFkOmN1c3RvbV9kb21haW5zIGRlbGV0ZTpjdXN0b21fZG9tYWlucyBjcmVhdGU6Y3VzdG9tX2RvbWFpbnMgdXBkYXRlOmN1c3RvbV9kb21haW5zIHJlYWQ6ZW1haWxfdGVtcGxhdGVzIGNyZWF0ZTplbWFpbF90ZW1wbGF0ZXMgdXBkYXRlOmVtYWlsX3RlbXBsYXRlcyByZWFkOm1mYV9wb2xpY2llcyB1cGRhdGU6bWZhX3BvbGljaWVzIHJlYWQ6cm9sZXMgY3JlYXRlOnJvbGVzIGRlbGV0ZTpyb2xlcyB1cGRhdGU6cm9sZXMgcmVhZDpwcm9tcHRzIHVwZGF0ZTpwcm9tcHRzIHJlYWQ6YnJhbmRpbmcgdXBkYXRlOmJyYW5kaW5nIHJlYWQ6bG9nX3N0cmVhbXMgY3JlYXRlOmxvZ19zdHJlYW1zIGRlbGV0ZTpsb2dfc3RyZWFtcyB1cGRhdGU6bG9nX3N0cmVhbXMgY3JlYXRlOnNpZ25pbmdfa2V5cyByZWFkOnNpZ25pbmdfa2V5cyB1cGRhdGU6c2lnbmluZ19rZXlzIiwiZ3R5IjoiY2xpZW50LWNyZWRlbnRpYWxzIn0.rCa6Ple7_EOIRswA3LvbKolSmhTYwyymNbYrduSqCgKEnuDY6qJ9U59jSwSUyWGC--M-WjLcpMDnkkXHdl9xSXRDVULDPE5oaHoHvDo50Q8xcbvSglsB-tDy5BY38q-ajglVOBG3tZxGyhRl1M6oNcLB3Fb-Kf9nFAtETVneaDD0jxzHe2Ke9AkPZjcHxF5KIbtVoUuKlwHlBmqnyvRLNxQ0jo4SOZdPnWMUKX82uuzJWge129qTTU1UW_ewLvfWgU-Ezm-edcFG_KLaxAsh-wwPCU9C9RPIBq_68AMEoXRgVxq6tfGMaYT4-TDu4O3F-oAoeqAgVhJYWvuZPTiPfQ&grant_type=password&scope=read%3Acurrent_user+update%3Acurrent_user_metadata+delete%3Acurrent_user_metadata+create%3Acurrent_user_metadata+create%3Acurrent_user_device_credentials+delete%3Acurrent_user_device_credentials+update%3Acurrent_user_identities&username=komarina%40auth0.com&password=123456&audience=https%3A%2F%2Fkomarina.eu.auth0.com%2Fapi%2Fv2%2F
I have validated the above JWT and it looks verified but i still get 401 back, any ideas?
Regards,
Bharat