search

auth0 / docs

Auth0 documentation
MIT License
369 stars 1.61k forks source link

Update 01-authorization.md #10279

Closed lfaletti closed 1 year ago

lfaletti commented 1 year ago

SignatureValidator needs to be defined in the suggested way in NET 7 to avoid the error: "Signature validation failed. Token does not have a kid...". No other way around to make the JWT to be accepted.

frederikprijck commented 1 year ago

Thanks for proposing this change. The error you are getting means you have no kid claim, are you using HS265 for the API in Auth0?

If you are, know that we recommend RS265, which would include a kid claim and avoid the need for this change altogether. When using HS265, it won't include a kid claim

Therefore, I will close this PR as this is a change no one should need, unless someone decide to not follow the recommendation for RS265, in which case they should understand the consequences of using HS265 and update their code accordingly.