ccpgames / sso-issues

Please file issues with the CCP SSO (login.eveonline.com) here.

[SSOv2] Authorization Failure on verify endpoint #52

Closed BitSec01 closed 5 years ago

BitSec01 commented 5 years ago

Bug

When making a GET request to https://esi.evetech.net/verify it responds with { "error": "authorization failure" }

EDIT: Discovered today that this does not only apply to the /verify endpoint but to basically every authentication-protected endpoint (legacy, latest, dev). I tried them all.

Reproduction Steps

I've asked on the Slack and on Reddit but I haven't yet found anyone with the same issue.

  1. Get a JWT token
  2. Send a GET request with "Authorization: Bearer JWT_token" header

Actual Behaviour

Returns

{ "error": "authorization" }

Expected Behaviour

Returning my character information

Kyria commented 5 years ago

I know it's not an answer to your issue, but why don't you extract all data and validate the token yourself if you have the JWT token, instead of using the /verify endpoint?

edit to below answers: understood. :)

BitSec01 commented 5 years ago

@Kyria I am extracting / validating the token myself now. I was just very confused that the /verify endpoint doesn't work for me but does work for others.

lukasni commented 5 years ago

I've asked him to make the issue here since it's supposed to be possible to drop-in replace v1 with v2 urls and to have it documented here. It's a really weird behaviour that I wasn't able to replicate and I thought we might want to track it somewhere.

BitSec01 commented 5 years ago

I have no idea how the API is set up. MOST third parties are still using SSOv1 it seems. SSOv1 works perfectly for me. I found a /verify endpoint for SSOv2 for anyone interested: https://login.eveonline.com/oauth/verify

I still haven't found a solution to why my JWT token isn't accepted at any endpoint but I'll continue to look at GitHub documentation of SSOv2 auths and third parties that use SSOv2 because it has better documentation and is less confusing.
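
Validating the token locally, as Kyria suggests and BitSec01 reports doing, means checking the signature, algorithm, issuer and expiry yourself instead of calling /verify. The sketch below is an added example, not code from this thread or from CCP. It assumes an RS256-signed token; the key is a throwaway demo key constructed in the script, and `issuer.example` and the claim values are placeholders (the real public key and issuer come from the SSO's own documentation).

```python
import base64, hashlib, json, time

# DigestInfo prefix for SHA-256 in PKCS#1 v1.5 signatures (RFC 8017, section 9.2).
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")
# Constructed demo key (two Mersenne primes): illustration only, never a real key.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N, D = P * Q, pow(E, -1, (P - 1) * (Q - 1))
K = (N.bit_length() + 7) // 8  # modulus length in bytes

def b64url_encode(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def b64url_decode(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def pkcs1_sha256(message, k):
    digest_info = SHA256_PREFIX + hashlib.sha256(message).digest()
    return b"\x00\x01" + b"\xff" * (k - len(digest_info) - 3) + b"\x00" + digest_info

def make_demo_token(claims, header=None):
    """Sign constructed claims with the demo key (stands in for the SSO)."""
    header = header or {"alg": "RS256", "typ": "JWT"}
    body = ".".join(b64url_encode(json.dumps(p).encode()) for p in (header, claims))
    sig = pow(int.from_bytes(pkcs1_sha256(body.encode(), K), "big"), D, N)
    return body + "." + b64url_encode(sig.to_bytes(K, "big"))

def validate_jwt(token, n, e, issuer, now=None):
    """Return the claims of a valid RS256 token; raise ValueError otherwise."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a three-part JWT")
    header, claims = (json.loads(b64url_decode(p)) for p in parts[:2])
    if not isinstance(header, dict) or not isinstance(claims, dict):
        raise ValueError("header and payload must be JSON objects")
    if header.get("alg") != "RS256":  # refuse "none" and any unexpected algorithm
        raise ValueError("unexpected alg")
    k = (n.bit_length() + 7) // 8
    sig = b64url_decode(parts[2])
    expected = pkcs1_sha256(f"{parts[0]}.{parts[1]}".encode(), k)
    if len(sig) != k or pow(int.from_bytes(sig, "big"), e, n).to_bytes(k, "big") != expected:
        raise ValueError("bad signature")
    if claims.get("iss") != issuer:
        raise ValueError("wrong issuer")
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or exp <= (time.time() if now is None else now):
        raise ValueError("expired or missing exp")
    return claims
```

The ValueError message names the check that failed, which is more to go on than a bare "authorization failure" when working out why a token is rejected.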