JWT auth failing with BAD SIGNATURE


Raphael Simon

Sep 23, 2016, 2:07:07 AM
to google-clou...@googlegroups.com
I'm trying to authenticate requests using JWT tokens created client side. I've created a service account in my project and downloaded the key JSON. From that JSON I got the private key and use it to sign the tokens. I've tried to use different packages to create the token, and I've also tried both RS256 and RS512 signatures, but keep getting:

error: 401: {
 "code": 16,
 "message": "JWT validation failed: BAD_SIGNATURE",
 "details": [
  {
   "stackEntries": [],
   "detail": "auth"
  }
 ]
}

I'm not sure if it's something I haven't set up right in the project or whether it's something with the tokens themselves. FWIW I use the same algorithm to create and sign JWT tokens in other services and they work just fine. Any advice on how to proceed with troubleshooting this? The logs don't have more information.

Thanks!

--
Raphael.

Raphael Simon

Sep 23, 2016, 1:26:43 PM
to google-clou...@googlegroups.com
Answering my own question: I had the `x-jwks_uri` value set wrong in the OpenAPI spec. I wish the error message would have been more helpful. In hindsight it makes sense as it was grabbing the wrong certs but making the link to the OpenAPI spec extension value was not intuitive...

--
Raphael.
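
The cause described above, a verifier fetching a key set that does not contain the signing key, can be checked before suspecting the signing code. The following is an added example, not code from this thread or from Cloud Endpoints: it compares a token's `kid` header with the key IDs in the JWKS document served at the configured `x-jwks_uri`. The token, key IDs, issuer and key sets are constructed samples, and the check assumes the signer sets `kid`.

```python
import base64
import json

def b64url_decode(segment: str) -> bytes:
    """Decode a base64url JWT segment, restoring the stripped '=' padding."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))

def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def diagnose(token: str, jwks: dict) -> str:
    """Report whether the key set can match this token; reads the header only."""
    parts = token.split(".")
    if len(parts) != 3:
        return "malformed: expected header.payload.signature"
    header = json.loads(b64url_decode(parts[0]))
    kid, alg = header.get("kid"), header.get("alg")
    keys = jwks.get("keys", [])
    if kid is None:
        return "token has no kid: cannot check by key ID"
    match = next((k for k in keys if k.get("kid") == kid), None)
    if match is None:
        served = sorted(k.get("kid", "?") for k in keys)
        return f"kid {kid!r} not in key set {served}: check x-jwks_uri"
    if match.get("alg") not in (None, alg):
        return f"kid matches but key alg {match['alg']} != token alg {alg}"
    return "ok: key set contains the signing key"

# Constructed sample data: placeholder signature, hypothetical key IDs and issuer.
def make_token(kid, alg="RS256"):
    header = b64url_encode(json.dumps({"alg": alg, "typ": "JWT", "kid": kid}).encode())
    payload = b64url_encode(json.dumps({"iss": "svc@example.invalid"}).encode())
    return f"{header}.{payload}.{b64url_encode(b'placeholder-signature')}"

# What a wrong x-jwks_uri would serve versus the key set of the actual signer.
WRONG_JWKS = {"keys": [{"kid": "other-key-9", "kty": "RSA", "alg": "RS256"}]}
RIGHT_JWKS = {"keys": [{"kid": "sa-key-1", "kty": "RSA", "alg": "RS256"}]}

if __name__ == "__main__":
    tok = make_token("sa-key-1")
    print(diagnose(tok, WRONG_JWKS))
    print(diagnose(tok, RIGHT_JWKS))
```

In practice the `jwks` argument would be the JSON document downloaded from the URL in the spec, and the token one that was rejected with BAD_SIGNATURE.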

Dan Ciruli

Sep 23, 2016, 7:37:38 PM
to Google Cloud Endpoints
Glad you got through it. 

I will enter a fix request for a better message.

DC
