Hello everyone,
I am trying to accomplish to obtain from Layer7 API Gateway a OAUTH2 Token using a JWT signed token as credential.
The request is made in this way
grant_type=client_credentials&scope=oob&client_assertion_type=urn:ietf: params:oauth: client-assertion-type:jwt-bearer&client_assertion=xxxxxxxxx
where xxxxx is the my JWT signed with my private key.
I create the JWT this way
{
"header": {
"typ": "JWT"
"alg": "RS256"
"kid": "0MtNnhCzZHQ6uahc3iFvfQOx_O6R_B2vlJRQU64XNUI"
}
"payload": {
"iss": "
44769950-00f8-4adb-bebf-0732011684c4"
"iat": 1652355987
"nbf": 1652353827
"exp": 1652356147
"aud": "https://xxx.xxx.xxx/"
"jti": "854167957"
"sub": "
44769950-00f8-4adb-bebf-0732011684c4"
}
}
where
44769950-00f8-4adb-bebf-0732011684c4matches the client_id in the OAuth DB
the secret in the OAuth db looks is like this
{ "keys": [ {
"kty": "RSA",
"e": "AQAB",
"use": "sig",
"kid": "0MtNnhCzZHQ6uahc3iFvfQOx_O6R_B2vlJRQU64XNUI",
"alg": "RS256",
"n": "ijTOCgrGRuxz2bsHxYfyNLqPQKtBx4k2LaI9MvGYoYMttJjqa7Vt1z-oGi8DwUnP7FbD5br0VAGyNXPQXKQwaPUT7cxLw4mrNHp-JXGJddpR3s451GxtWEpbCsD2PI29wPwOfuBXdxI1CMSfoj25mzdq2OkXM9shCxCO89zdJ9VZxNPqYtt2TpdGVixo_ILGAPMDmFcd2wK9rF45V3QhfdC-fUs_HkOcFAgXsxnzlOsWbJp-3aT0mxQPftMHEDzctbf-jwmv37NqqVEBsFQH-QfltGPer-AiyG5UAFYqQHZ4wRTYtJCT8OcNTlJYeOUuIuRIiF8RGaICHikbaU6atw"
} ] }
That is public key of that one which I signed my token.
But I receive this error
{
"error": "invalid client",
"error_description": "The given JWT for client authentication is invalid."
}
where I'm wrong ?
Thanks in advance
Marco