Layer7 API Management

HI All,

I am trying to valid the incoming JWS request and I have also attached the request as well.

2020-05-12T12:21:19.978-0500 WARNING 21982685 com.l7tech.external.assertions.jwt.server.ServerDecodeJsonWebTokenAssertion: 10834: 0000017197b1adf0-ac17964 Error decoding: Could not validate JWT payload: Unrecognized header exp marked as critical.

I was wondering if anyone successfully implemented validation of incoming JWS in GW.

Dear Pramod,
What are the version and CR level of your gateway?
Critical headers are supported from gateway 9.4 CR4, you may refer to the release note,
https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-api-management/api-gateway/9-4/release-notes-9-4/resolved-issues.html#concept.dita_bd083e022acc2d23c48d7b72fdad6bdad15da412_IssuesResolvedinVersion94CR4

Regards,
Mark
Original Message:
Sent: 05-12-2020 03:43 PM
From: Pramod Yadav
Subject: JWT/JWS decryption error in the GW

HI All,

I am trying to valid the incoming JWS request and I have also attached the request as well.

2020-05-12T12:21:19.978-0500 WARNING 21982685 com.l7tech.external.assertions.jwt.server.ServerDecodeJsonWebTokenAssertion: 10834: 0000017197b1adf0-ac17964 Error decoding: Could not validate JWT payload: Unrecognized header exp marked as critical.

I was wondering if anyone successfully implemented validation of incoming JWS in GW.

Hey Zhijun,

We are running on 9.4 CR03.

Thanks for the update.
Original Message:
Sent: 05-12-2020 06:18 PM
From: Zhijun He
Subject: JWT/JWS decryption error in the GW

Dear Pramod,
What are the version and CR level of your gateway?
Critical headers are supported from gateway 9.4 CR4, you may refer to the release note,
https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-api-management/api-gateway/9-4/release-notes-9-4/resolved-issues.html#concept.dita_bd083e022acc2d23c48d7b72fdad6bdad15da412_IssuesResolvedinVersion94CR4

Regards,
Mark
Original Message:
Sent: 05-12-2020 03:43 PM
From: Pramod Yadav
Subject: JWT/JWS decryption error in the GW

HI All,

I am trying to valid the incoming JWS request and I have also attached the request as well.

2020-05-12T12:21:19.978-0500 WARNING 21982685 com.l7tech.external.assertions.jwt.server.ServerDecodeJsonWebTokenAssertion: 10834: 0000017197b1adf0-ac17964 Error decoding: Could not validate JWT payload: Unrecognized header exp marked as critical.

I was wondering if anyone successfully implemented validation of incoming JWS in GW.