Hello,
I'm trying to validate an incoming token on an exposed REST API.
When I try to obtain the key from the JWKS endpoint it always returns empty. Here is a printscreen of the output of the JWKS endpoint:
I tried using input parameter KeyId as "sig", "enc", "x5c", "n" with no success.
Note: I confirmed that the development environment has access to this endpoint:
Best regards.
Hi,
If you are talking about the action 'GetJwkFromJwksEndpoint' from JWT, then I can confirm that it's working for us.
We fill the parameter 'JwksEndpoint' with https://login.microsoftonline.com/<our_TenantId>/discovery/keys, 'KeyUse' with hard-coded "sig", and 'KeyId' is the KeyId or "kid" from the token you are trying to validate; in your example/screenshot it could be dmnOY...
It should work that way. Hope this helps.
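
The lookup described in the reply above, as an added example that is not part of the original thread and not the OutSystems component's own code: generic JWKS key selection by `kid` and `use`, showing why a field name passed as the key id matches nothing. The function names, key set and token are constructed for illustration.

```python
import base64
import json
from typing import Optional


def b64url_decode(segment: str) -> bytes:
    """Decode a base64url segment, restoring the padding that JWTs strip."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def token_kid(token: str) -> Optional[str]:
    """Read 'kid' from the JOSE header. The header is unverified at this
    point, so the value is only a lookup hint, never a trust decision."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS: expected 3 dot-separated parts")
    return json.loads(b64url_decode(parts[0])).get("kid")


def select_jwk(jwks: dict, key_id: str, key_use: str = "sig") -> Optional[dict]:
    """Return the one JWK whose 'kid' equals key_id and whose 'use' equals
    key_use ('use' is optional in a JWK, so a missing 'use' is accepted).
    Returns None on no match or an ambiguous match."""
    matches = [
        k for k in jwks.get("keys", [])
        if k.get("kid") == key_id and k.get("use", key_use) == key_use
    ]
    return matches[0] if len(matches) == 1 else None


def _b64url(obj: dict) -> str:
    raw = json.dumps(obj).encode()
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


# Constructed sample data (not real keys, not a real token).
SAMPLE_JWKS = {"keys": [
    {"kty": "RSA", "use": "sig", "kid": "example-kid-1",
     "n": "n-constructed-1", "e": "AQAB", "x5c": ["cert-constructed-1"]},
    {"kty": "RSA", "use": "sig", "kid": "example-kid-2",
     "n": "n-constructed-2", "e": "AQAB", "x5c": ["cert-constructed-2"]},
]}
SAMPLE_TOKEN = ".".join([
    _b64url({"alg": "RS256", "typ": "JWT", "kid": "example-kid-2"}),
    _b64url({"sub": "demo"}),
    "c2ln",  # placeholder signature segment
])

if __name__ == "__main__":
    print(select_jwk(SAMPLE_JWKS, token_kid(SAMPLE_TOKEN)))  # key 2
    print(select_jwk(SAMPLE_JWKS, "sig"))                    # None
```

The selected key is then used to verify the token's signature, with the accepted algorithm fixed by the validator rather than taken from the header.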
Hello @Steven de Jong
Thanks for the feedback.
I was able to successfully retrieve the jwks and validate the signature with GetJwkFromJwksEndpoint and ReadTokenService service actions (not server actions). Don't know exactly why it works with SAs but not with the server actions.
Regards.
Hi @Pedro Magalhães
I think you should not:
In your case, it works in SAS but not in REST since SAS is a trusted internal context, but REST is an external untrusted context. OutSystems protects internal security endpoints by design.