Posted: 3 Jun 2020 9:10 EDT Last activity: 28 Sep 2020 20:15 EDT
Validating an externally generated JWT in Pega
We are trying to validate a JWT token that is sent to us from an external application which sources the JWT from an auth API.
Configured the token profile and the keystore. The source for the keystore is Keystore URL which has the URL for the auth API .
But when I try to validate the JWT token using the OOTB pxProcessJWT activity, I am getting the below error
"Certificate does not exist, Keystore Entry is not either PrivateKeyEntry or TrustedCertificateEntry".
I have decoded the JWT and verified the "kid" and "alg" fields are coming as expected in the header.
Any help on this will be much appreciated.
Thanks in advance,
It might be a bit late but In order to validate the signature of a JWT, you need a public key. Did you verify that your keystore URL is generating the public key by running the URL in a browser? Looking at the error message there might be a problem with your keystore.