[JWT] Error while creating asym token w/ JSON Web Key (IDX10805: Error deserializing json..
Forge component by João Almeida

Hi,

I'm a first time user of JWT Forge component. Congratulations so far on this implementation and the provided documentation. However, I'm currently stuck with an issue apparently not yet listed in this component's support forum. The issue I'm having occurs while creating a JWT using the CreateSignedAsymmetricTokenWithJsonWebKey action. I get the following error message

IDX10805: Error deserializing json: 't%h^r{hWd}WH}NDT' into 'Microsoft.IdentityModel.Tokens.JsonWebKey'.

The error stack trace points the source of this error at the JWT_Core.CreateToken extension action.

One odd thing about the above error message is that the mentioned json is simply the JSON Web Key runtime value that I passed in the action's input parameter JWKPlain. This is being stored in a site property as the image below shows. Why is this value being parsed as JSON?

Thank you for your help!

Hi Pedro Gonçalves,

As per the JWT standard, a JWK is usually represented as a JSON:

{  
   "kty":"EC",
   "crv":"P-256",
   "x":"f83OJ3D2xF1Bg8vub9tLe1gHMzV76e8Tus9uPHvRVEU",
   "y":"x_FEzRu9m36HLN_tue659LNpXW6pCyStikYjKIWI5a0",
   "kid":"Public key used in JWS spec Appendix A.3 example"
}

https://datatracker.ietf.org/doc/html/rfc7517#page-5

If you look at the public keys used by Google, their JWK format is like the one above

https://www.googleapis.com/oauth2/v3/certs link for the JWK

Documentation where it is mentioned:
https://developers.google.com/identity/sign-in/web/backend-auth#verify-the-integrity-of-the-id-token


Hope this helps,


Community GuidelinesBe kind and respectful, give credit to the original source of content, and search for duplicates before posting.