KID in Pega JWT Processing KeyStore with URL
We are validating a token (JWT) within Pega using the TokenProfile rule.
For the signing part of the validation we are trying to use a well-known URL in the keystore.
However, during processing of the key we get an error that Pega is not able to find: "Certificate does not exist, Keystore Entry is not either PrivateKeyEntry or TrustedCertificateEntry".
Looking at tokens generated by Pega, they always have the KID field in the token.
However, the token provider we get the key from doesn't provide the KID field.
-> Could this be the issue we are facing? Missing KID field?
Workaround for now:
Putting the public key in a jks file does work :)
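One way to check the missing-KID hypothesis outside Pega, as an added example that is not part of the original post and is not Pega code: it decodes the JWT header and compares its `kid` with the `kid` values in the JWKS document served at the well-known URL. The function names, the sample token and the sample JWKS are constructed for illustration; how Pega itself selects a key is not shown here.

```python
import base64
import json


def b64url_decode(segment: str) -> bytes:
    """Decode a base64url segment, restoring the padding JWTs strip."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def b64url_encode(raw: bytes) -> str:
    """Encode bytes as unpadded base64url, as used in JWT segments."""
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def kid_report(token: str, jwks: dict) -> dict:
    """Compare the JWT header's kid with the kid values published in a JWKS."""
    header = json.loads(b64url_decode(token.split(".")[0]))
    keys = jwks.get("keys", [])
    token_kid = header.get("kid")
    matches = [k for k in keys if token_kid is not None and k.get("kid") == token_kid]
    return {
        "alg": header.get("alg"),
        "token_kid": token_kid,
        "jwks_kids": [k.get("kid") for k in keys],
        "keys_without_kid": sum(1 for k in keys if "kid" not in k),
        "kid_match": len(matches) == 1,
        # Without a usable kid, selection is only unambiguous if one key is published.
        "unambiguous_without_kid": len(keys) == 1,
    }


# Constructed sample data: a header without "kid" and a one-key JWKS without "kid".
# The modulus and signature are placeholders, not real key material.
SAMPLE_JWKS = {"keys": [{"kty": "RSA", "use": "sig", "alg": "RS256",
                         "n": "PLACEHOLDER_MODULUS", "e": "AQAB"}]}
SAMPLE_TOKEN = ".".join([
    b64url_encode(json.dumps({"alg": "RS256", "typ": "JWT"}).encode()),
    b64url_encode(json.dumps({"iss": "https://idp.example", "sub": "demo"}).encode()),
    "PLACEHOLDER_SIGNATURE",
])

if __name__ == "__main__":
    print(json.dumps(kid_report(SAMPLE_TOKEN, SAMPLE_JWKS), indent=2))
```

The report only inspects metadata and does not verify the signature; `kid` is optional in both the JWT header and a JWK, so a `null` on either side is valid input that a verifier has to handle.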