5wc2s (5wc2s) asked a question.
Error while resolving signing key for kid
The OKTA angular authentication once worked well.
@okta/okta-angular 1.0.7
oidc: {
clientId: '*************',
issuer: 'https://citrix.okta.com',
redirectUri: 'https://wemcloudops.azurewebsites.net/oauth',
scope: 'openid profile email'
},
But when I want to add authentication for API endpoint on Nodejs express, but the OktaJwtVerifier always throws "Error while resolving signing key for kid "
const oktaJwtVerifier = new OktaJwtVerifier({
issuer: 'https://citrix.okta.com/oauth2/default'
issuer: 'https://citrix.okta.com' (neither works)
});
Hi Bowen,
This occurs because API Access Management might have been removed, or the authorization server you're trying to use 'default' has been removed.
Accessing the metadata endpoint for the authorization server you're trying to use shows that the feature is not available:
https://citrix.okta.com/oauth2/default/.well-known/openid-configuration
The Base Authorization Server (https://citrix.okta.com) doesn't support local validation of the Access Tokens as they are opaque.
Try reaching out to your Account Executive to clarify any possible licensing changes. Or reach out to our Support team to clarify any further questions.
Thank you,
Bogdan Andrisan
Developer Support Engineer