znm48 (znm48) asked a question.
Hi
I am using Okta Angular Singin Widget and NodeJS backend with Okta Jwt Verifier to authenticate user to the backend.
The whole workflow works perfectly fine in my localhost where a user logs in using Signin Widget and make a backend call with id_token (Bearer). on the backend Okta Jwt verifier successfully verifies it.
However in the dev environment i am getting this error "Error while resolving signing key for kid <<token>>" and i am not sure what the problem is.
I have both urls added as trusted origin, and issuer is same in both backend & frontend.
Angular Signinwidget:
this.signIn = new OktaSignIn({
baseUrl: environment.oktaConfig.issuer.split('/oauth2')[0], // just the BASE URL https://dev-xxx.okta.com
clientId: environment.oktaConfig.clientId,
redirectUri: environment.oktaConfig.redirectUri,
authParams: {
pkce: environment.oktaConfig.pkce,
responseMode: 'query',
issuer: environment.oktaConfig.issuer, // Complete URL with auth server i.e. http://dev-xx.okta.com/oauth2/default
display: 'page',
scopes: environment.oktaConfig.scopes,
tokenManager: environment.oktaConfig.tokenManager
},
})
Backend:
const OKTA_JWT_VERIFIER = new OktaJwt({
issuer: config.oktaConfig.issuer, // Complete URL with auth server i.e. http://dev-xx.okta.com/oauth2/default
clientId: config.oktaConfig.clientId,
url: config.oktaConfig.issuer.split('/oauth2')[0]
});
const OKTA_AUDIENCE = config.oktaConfig.audience; // api://default
I see that you have same issuer at the both places but Can you double check the "issuer"? what value you have after "oauth2/" Is it default in your dev environment?