JSPEKSCH Member since 2011 8 posts
Posted: 1 year ago
Last activity: 2 months 1 week ago

KID in Pega JWT Processing KeyStore with URL


We are validating a token (JWT) within Pega using the TokenProfile rule.
For the signing part of the validation we are trying to use a well-known URL in the keystore.

However, during processing of the key we get an error that Pega is not able to find: "Certificate does not exist, Keystore Entry is not either PrivateKeyEntry or TrustedCertificateEntry".

Looking at tokens generated by Pega, they always have the KID field in the token.

However, the token provider we get the key from doesn't provide the KID field.

-> Could this be the issue we are facing? Missing KID field?

Workaround for now:
Putting the public key in a jks file does work :)

Low-Code App Development Security
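
An added diagnostic example, not part of the original post and not Pega code: it reads the `kid` from a JWT header and reports which keys in a JWKS document a generic verifier could select, with or without a `kid`. The tokens, the JWKS and the fallback rule (match on `kty`, `use` and `alg`) are constructed for illustration; it does not show how Pega's keystore picks a key.

```python
import base64
import json

def _b64url_decode(segment: str) -> bytes:
    # JWT segments are base64url without padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))

def _b64url_encode(obj: dict) -> str:
    return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()

def jwt_header(token: str) -> dict:
    """Decode the (unverified) header of a compact JWS."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected a compact JWS with three segments")
    return json.loads(_b64url_decode(parts[0]))

def candidate_keys(header: dict, jwks: dict):
    """Return (keys, reason): the JWKS entries usable for this header."""
    keys = jwks.get("keys", [])
    kid, alg = header.get("kid"), str(header.get("alg", ""))
    if kid is not None:
        hits = [k for k in keys if k.get("kid") == kid]
        return hits, "kid matched" if hits else "kid not present in JWKS"
    # Assumed fallback when no kid is sent: filter on key type, use and alg.
    family = {"RS": "RSA", "PS": "RSA", "ES": "EC"}.get(alg[:2])
    hits = [k for k in keys
            if k.get("kty") == family
            and k.get("use", "sig") == "sig"
            and k.get("alg", alg) == alg]
    if len(hits) == 1:
        return hits, "no kid; one compatible key"
    return hits, "no kid; ambiguous" if hits else "no kid; no compatible key"

# Constructed sample data: key material and signature are placeholders.
SAMPLE_JWKS = {"keys": [
    {"kty": "RSA", "use": "sig", "alg": "RS256", "n": "placeholder", "e": "AQAB"},
    {"kty": "RSA", "use": "enc", "n": "placeholder", "e": "AQAB"},
]}
TOKEN_NO_KID = ".".join([_b64url_encode({"alg": "RS256", "typ": "JWT"}),
                         _b64url_encode({"sub": "demo"}), "c2ln"])
TOKEN_WITH_KID = ".".join([_b64url_encode({"alg": "RS256", "kid": "key-1"}),
                           _b64url_encode({"sub": "demo"}), "c2ln"])

if __name__ == "__main__":
    for name, tok in (("no kid", TOKEN_NO_KID), ("with kid", TOKEN_WITH_KID)):
        hits, reason = candidate_keys(jwt_header(tok), SAMPLE_JWKS)
        print(f"{name}: {reason} ({len(hits)} key(s))")
```

Running the same two functions against the provider's real token header and the JSON served at its well-known URL shows whether either side carries a `kid` at all.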