You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Sometimes (depending on the token), krakend seems unable to properly parse a token and the roles end up not working. I am using a short-payload token that has the following content:
In this case, kraken is able to check the "permissions" key and verify if the role "bar" is in there. When using a different role in the token, I get a 403 (as expected).
I get a 403 every time, as if the token didn't have the role "krakend" in the key "https://partners.foo.com/roles". Besides attempting to change the key for something else/simpler, is there anything in the JWT that would cause this strange behavior?
Thanks a lot, kind regards.
The text was updated successfully, but these errors were encountered:
The issue was related to the namespace containing .. this char is also used to signal nested keys, so the validator wasn't able to locate the roles claim at the passed token
This issue was marked as resolved a long time ago and now has been automatically locked as there has not been any recent activity after it. You can still open a new issue and reference this link.
Hello,
Sometimes (depending on the token), krakend seems unable to properly parse a token and the roles end up not working. I am using a short-payload token that has the following content:
With the following endpoint config:
In this case, kraken is able to check the "permissions" key and verify if the role "bar" is in there. When using a different role in the token, I get a 403 (as expected).
Thing is, with the following token:
and the following endpoint config:
I get a 403 every time, as if the token didn't have the role "krakend" in the key "https://partners.foo.com/roles". Besides attempting to change the key for something else/simpler, is there anything in the JWT that would cause this strange behavior?
Thanks a lot, kind regards.
The text was updated successfully, but these errors were encountered: