Skip to first unread message
Hardik Soni
May 24, 2021, 12:28:27 AM5/24/21
to Cerner FHIR Developers
Hi
This is Hardik from GE Healthcare. I am working with Chad Hays for waveform viewer. Application will be deployed in k8S cluster. we are using ingress controller to perform token validation.
we are using https://authorization.sandboxcerner.com/jwk for token validation for ingress controller, we are getting error "“jwks doesn't have
key to match kid or alg from jwt"."
we were able to authenticate successfully with https://authorization.cerner.com/jwk with same design.
Please let us know if you need any additional information. We can have meeting if required.
Thanks and Regards
Hardik Soni
Fenil Desani (Cerner)
May 24, 2021, 2:07:47 PM5/24/21
to Cerner FHIR Developers
Hello,
Can you provide more details.
- Can you provide an example for, we were able to authenticate successfully with https://authorization.cerner.com/jwk with same design
- Can you provide an example for, error "“jwks doesn't have key to match kid or alg from jwt"."
Fenil (Cerner)
Hardik Soni
May 24, 2021, 11:46:14 PM5/24/21
to Cerner FHIR Developers
Hi Fenil,
we are using ingress controller to validate jwt token generated from AUth Server.
Architecture will be
Browser ----- > ingress Controller ----> Services
|
|
Auth Server
I am not able to send architecture diagram which i will send you separately through mail as well as sample ingress configurations.
Thanks and Regards
Hardik Soni
Aju Mathai
May 25, 2021, 5:45:38 AM5/25/21
to cerner-fhir...@googlegroups.com, hardik...@gmail.com
Hello,
I am working with Hardik on the same project. As requested by you I am attaching 2 files with the required examples. as follows.
- Example for which we were able to authenticate successfully with https://authorization.cerner.com/jwk with the same design
- issuer: 'https://authorization.cerner.com/'
jwksUri: 'https://authorization.cerner.com/jwk'
- Example for, error "jwks doesn't have key to match kid or alg from jwt"."
- issuer: 'https://authorization.sandboxcerner.com/'
jwksUri: 'https://authorization.sandboxcerner.com/jwk'
These are the log files from our ingress gateway. Please let me know if you need any further information to look into this issue we are facing.
Thanks and Regards,
Aju
--
You received this message because you are subscribed to the Google Groups "Cerner FHIR Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cerner-fhir-devel...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/cerner-fhir-developers/8bd430cb-ad36-4eb0-8236-69c10214da83n%40googlegroups.com.
Aju Mathai
May 27, 2021, 2:13:53 AM5/27/21
to cerner-fhir...@googlegroups.com, hardik...@gmail.com
Hi Fenil,
Did you manage to check this issue we reported .Do you have any updates on this for us
Thanks,
Aju
Fenil Desani (Cerner)
May 30, 2021, 11:13:34 PM5/30/21
to Cerner FHIR Developers
Are you matching on kid in jwks? I do see kid ket value in https://authorization.sandboxcerner.com/jwk
Since those kid values keep changing, I cannot find the match in jwks right now. Can you try one more example? Also, can you check, if the token is being parsed correctly, and extracting the header correctly for matching?
Reply all
Reply to author
Forward
0 new messages