JWT token configuration

Do you want to: Ask a how-to question
Document Server version:7.5.1
Type of installation of the Document Server (docker, deb/rpm, exe): docker
OS: Windows 10
Browser version: Chrome Version 120.0.6099.71

I am not sure what I am doing wrong with setting up the JWT token.

I am pretty sure, I am generating the token correctly in JAVA, when I copy the token and decode it, everything looks okay, but I keep getting this error, both for the callback and the document download URLs.

Part of the error in the docket container log:


"Bearer error="invalid_token", error_description="An error occurred while attempting to decode the Jwt: Signed JWT rejected: Another algorithm expected, or no matching key(s) found"

It was working correctly for a while, then it started happening again, but I did not make any changes.

I am not sure what to try anymore, so any suggestions, would be appreciated.

If it is relevant, I am using the angular document-editor component on the front end.
And adding the configuration and the generated token there.

If I can provide any more information that would be helpful , please ask.

Hi, please provide an example of your token.
You can also check the encryption algorithm by pasting your token at jwt.io.

Document Server requires the token to be generated with HS256 algorithm.

Hi, thanks for the reply.

The decoded token at jwt.io looks like this

Please change the token header so it also contains its type:

  "alg": "HS256",
  "typ": "JWT"

Let me know the results.

I changed the token generation, so that it includes the “typ”.

On jwt.io it looks like this now.

Other then that, the error is still present.

Please provide Document Server logs and your token example.

Hi Carl,

I think I resolved the issue and the document server was not at fault.
Sorry for wasting your time.

I will describe the issue in case somebody else has a similar case.

We have two modes in our application, Oauth2 and JWT.

Everything was working out of the box with JWT mode, but with Oauth2, looks like some of the request filters or interceptors where blocking the requests coming for the document server, after removing those, everything started working with Oauth2 mode as well.


1 Like