Algorithm not allowed — jwt_auth_invalid_token

[bassamBS]

Hello,

I've done some research on the issues, but unfortunately, I couldn't find a solution.

The endpoint /wp-json/jwt-auth/v1/token is working as expected and returns "jwt_auth_valid_credential."

However, when I try to create a user using the endpoint wp-json/wp/v2/users, I'm encountering the following issue:

{
    "success": false,
    "statusCode": 403,
    "code": "jwt_auth_invalid_token",
    "message": "Algorithm not allowed",
    "data": []
}

The related call:

curl --location 'https://my-wordpress.com/wp-json/wp/v2/users' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer [TOKEN CREATED]' \
--data-raw '{
    "username": "test",
    "email": "test@gmail.com",
    "password": "test"
}'

I've installed the plugin and have added the JWT_AUTH_SECRET_KEY to the wp-config.php file nothing more.

[dominic-ks]

Hello @bassamBS, have you got any other plugins installed on the site in question? Wondering if another plugin is loading another version of the jwt library.

[bassamBS]

Yes, my client has a lot of plugins...

[dominic-ks]

@bassamBS OK, then I'd potentially check if one of them is using the firebase jwt lib. I'm not sure if it'd be that issue or not, but we have an issue open for that but a solution has not been agreed - https://github.com/usefulteam/jwt-auth/issues/82

[bassamBS]

OK, thank you for your quick answer

[bassamBS]

I found nothing related to Firebase jwt lib

[dominic-ks]

@bassamBS OK, well I am happy to help but will need some information that would help me reproduce the issue. e.g. information about the environment, or some level of troubleshooting information, primarily, it could still be a conflict with another plugin, and so we'd need to identify which one, which would require deactivating plugins on the site to see if the issue persisted, and if not, reactivating them one by one to find the conflict.

[dominic-ks]

Hey @bassamBS did you find a solution to your issue?