Quantcast
Channel: DreamFactory Forum - Latest posts
Viewing all articles
Browse latest Browse all 5028

Invalid token: Token Signature could not be verified

$
0
0

I've truncated your stack trace in the OP for brevity. You can turn off debug logging to get only the necessary error info, which is the message and code.

In this case it seems you're doing everything right except for passing the session token. For example, I have this session token:

X-DreamFactory-Session-Token: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOjEsInVzZXJfaWQiOjEsImVtYWlsIjoiamVmZnJleUBkcmVhbWZhY3RvcnkuY29tIiwiZm9yZXZlciI6ZmFsc2UsImlzcyI6Imh0dHBzOlwvXC9kZW1vLmVudGVycHJpc2UuZHJlYW1mYWN0b3J5LmNvbVwvYXBpXC92Mlwvc3lzdGVtXC9hZG1pblwvc2Vzc2lvbiIsImlhdCI6IjE0NDc0MjcxNDkiLCJleHAiOiIxNDQ3NDMwNzQ5IiwibmJmIjoiMTQ0NzQyNzE0OSIsImp0aSI6ImQ3ZGE0YmU0M2NmOTA5NzczMWYzZjJmZDA0MDllOTJjIn0.-jXCtGrU5gBonVsjgg5wpk-afs5bWGIKq8GZEWMY7GM

If I remove that M from the end, invalidating the hash, and try to call the API with this value:

X-DreamFactory-Session-Token: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOjEsInVzZXJfaWQiOjEsImVtYWlsIjoiamVmZnJleUBkcmVhbWZhY3RvcnkuY29tIiwiZm9yZXZlciI6ZmFsc2UsImlzcyI6Imh0dHBzOlwvXC9kZW1vLmVudGVycHJpc2UuZHJlYW1mYWN0b3J5LmNvbVwvYXBpXC92Mlwvc3lzdGVtXC9hZG1pblwvc2Vzc2lvbiIsImlhdCI6IjE0NDc0MjcxNDkiLCJleHAiOiIxNDQ3NDMwNzQ5IiwibmJmIjoiMTQ0NzQyNzE0OSIsImp0aSI6ImQ3ZGE0YmU0M2NmOTA5NzczMWYzZjJmZDA0MDllOTJjIn0.-jXCtGrU5gBonVsjgg5wpk-afs5bWGIKq8GZEWMY7G

I receive your exact error:

{"error":{"context":null,"message":"Invalid token: Token Signature could not be verified.","code":401}}

So either you're not capturing and passing the token intact, or it's being passed in an invalid way.


Viewing all articles
Browse latest Browse all 5028

Trending Articles