Open ingesa-mel opened 1 year ago
I'm getting this error now, too. The problem I had was that the Flask app was running for so long that the JSON web keys were rotated, and the module doesn't seem to refresh the keys after initialization. The solution for me was to restart the Flask app on a schedule.
I get this error when trying to authenticate my access-token.
{"errors": [{"status": 401, "title": "Untrusted token JWK", "detail": "The JSON Web Key (JWK) identified by the 'kid' (Key ID) field in the token header, does not correspond to one of the JWKs in the JSON Web Key Set (JWKS) trusted by this API. Ensure you are using the correct 'kid' and try again, or contact support."}]}
Question: How can I ensure that I am using the correct 'kid'?
My use case: I am coming from a Vue frontend application with an access token and need to verify that token in Flask in order to access protected resources. Both my frontend and backend applications are registered as Azure AD B2C applications.
I've implemented the library just as in the minimal example provided. I am setting AZURE_B2C_TENANT_MODE = 'true' and also specifying AZURE_TENANT_NAME and AZURE_B2C_REGISTERLOGIN_USERFLOW_NAME.
Could this be a problem with my Azure setup (I am fairly new to Azure AD B2C)? However, I am not sure how I could misspecify the 'kid' since it is not part of the library configuration.
Thankful for any kind of advice.
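
For reference, an added example that is not part of the issue or of the library's code: it reads the 'kid' from a token header and looks it up in a JWKS cache that refetches, at most once per interval, when the 'kid' is unknown, which is the rotation case described in the comment above. The names `token_kid`, `RefreshingJwks`, `constructed_token` and the `fetch` callable are hypothetical, and the token and key sets are constructed sample data.

```python
import base64
import json
import time

def token_kid(token):
    """Return the 'kid' from the JWT header segment (read before verification)."""
    seg = token.split(".")[0]
    return json.loads(base64.urlsafe_b64decode(seg + "=" * (-len(seg) % 4))).get("kid")

class RefreshingJwks:
    """Hypothetical JWKS cache that refetches when a token names an unknown kid."""
    def __init__(self, fetch, min_refresh_seconds=60, clock=time.monotonic):
        self._fetch = fetch                  # assumed callable returning a JWKS dict
        self._min_refresh = min_refresh_seconds
        self._clock = clock
        self._keys, self._last_fetch = {}, None

    def _refresh(self):
        self._keys = {k["kid"]: k for k in self._fetch()["keys"]}
        self._last_fetch = self._clock()

    def key_for(self, token):
        kid = token_kid(token)
        if self._last_fetch is None:
            self._refresh()
        elif kid not in self._keys and self._clock() - self._last_fetch >= self._min_refresh:
            # Unknown kid: keys may have rotated since the last fetch. The interval
            # check keeps tokens with made-up kids from forcing constant refetches.
            self._refresh()
        # None means reject with 401; a returned key must still verify the signature.
        return self._keys.get(kid)

def constructed_token(kid):
    """Constructed sample token: real header layout, dummy payload and signature."""
    enc = lambda o: base64.urlsafe_b64encode(json.dumps(o).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'RS256', 'typ': 'JWT', 'kid': kid})}.{enc({'sub': 'demo'})}.sig"

def demo():
    published = {"keys": [{"kid": "old-key", "kty": "RSA"}]}   # constructed JWKS
    now = [0.0]
    jwks = RefreshingJwks(lambda: published, clock=lambda: now[0])
    before = jwks.key_for(constructed_token("old-key"))["kid"]
    published = {"keys": [{"kid": "new-key", "kty": "RSA"}]}   # issuer rotates keys
    now[0] = 10.0
    too_soon = jwks.key_for(constructed_token("new-key"))      # inside interval: no refetch
    now[0] = 61.0
    after = jwks.key_for(constructed_token("new-key"))["kid"]  # refetch finds the new key
    return before, too_soon, after

if __name__ == "__main__":
    print(demo())
```

Calling `token_kid` on a real access token and comparing the result with the 'kid' values in the tenant's published key set shows whether the mismatch comes from stale cached keys or from a token issued by a different policy or tenant.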