Hello,
I'm trying to send a Live JWT authentication token to ACS to get a token issued by ACS without requiring the user to reauthenticate. The code is sending an OAuth2 request to ACS but we get the following error (via WebException):
{"error":"invalid_client","error_description":"ACS50027:
Invalid JWT token. ACS50027: Invalid JWT token. Found unsupported token header.
Supported headers are: \u0027alg\u0027, \u0027typ\u0027,
\u0027x5t\u0027.\r\nTrace ID:
df92ac14-3ec9-488c-ac74-78e2f0957a6e\r\nCorrelation ID: 03dfb320-7e88-4616-91bc-7adc2b0091ac\r\nTimestamp:
2013-09-07 02:49:54Z"}Decoding the Live JWT sent to ACS reveals the following header:
{ "alg": "HS256", "typ": "JWT", "kid": "1" }So it appears the "kid" header element is causing the problem.
Does anyone have any ideas on how to resolve this issue?
Thanks!