StéphaneL.00832 (Customer) asked a question.
How to use JWT Verify card ? "Module: PEM_read_bio_PUBKEY failed"
Hi Guys,
We have a flow that requires validation of JWT and we don't want to make unnecessary introspection call. So best option is to use Card "JWT Verify" (Decode and verify a JSON Web Token).
But it does not work and we always gets this error message "Module: PEM_read_bio_PUBKEY failed". That message is related to field "Key" which is the public key we need to use to validate our token. That key is available from JWS_uri endpoint "/keys". Putting that key "as is" in the key field does not work ? Maybe there is some additional operations (math) to do ?
We also tried PEM format using this:
-----BEGIN PUBLIC KEY-----
key here
------END PUBLIC KEY-----
Any hint would be appreciate 🙂
Edit: Our tokens are issued from custom OKTA authorization server. So best workaround I found is to copy/paste a token into JWT.IO, then grab public key from field "verify signature" and Okta side "Security\API\Authorization Servers", set "Signing Key rotation" on manual.
I did not find in Workflows a card or a way to generate that public key by querying JWKS_URI.
It would be great ? 😃