Hello @User15905026051312106517 (Customer)​ Thank you for reacting out to our Community!

I was able to find a few similar questions on this matter, please see below:

https://devforum.okta.com/t/jwt-authentication-fails-app-keys-not-in-oauth2-default-v1-keys/11346

https://devforum.okta.com/t/unable-to-resolve-key-for-token-signature/8257

Additionally if you need further assistance we recommend to leverage the Okta Developer forums for this type of questions and take advantage of their expertise.

https://devforum.okta.com/

Community members help others by clicking Like or Select as Best on responses. Try it today.

Earn Today: New Okta Community Badges Have Arrived

Ask the Experts: Okta Device Access Product Team Now Thru 3/22

Hi Paul,

unfortunatly I can't find anything in the links you provided me that relates to the fact that the CryptoKey is marked with extractable = false.

As mentioned, I did not make any changes to our application. This was always working up until X period ago.

The customer has the control over the Okta administration itself. So, I can't know if they have changed settings or added new keys/tokens or what so ever.

In the meantime they are investigating themself also what could have been changed.

I only know about our code implementation about calling the verifyAccessToken function on the Okta library. (Code was created 3 years ago by someone else then me in the project)

The closest thing I could find online about that property is when someone generates it's own certificates and then sets the property extractable on the public key to false.

kind regards,

Steve

Hi all,

I had to do a fresh deploy of the application. It didn't contain any changes related to the Okta login.

But for some reason it is working again.

Really frustrating of not knowing what the actual problem was now.

Anyway thanks for the suggested links.

kind regards,

Steve