InvalidAuthenticationToken message IDX14100 JWT is not well formed, there are no dots


When I try to send:

Set resp = http.PostJson2("","application/json",json.Emit())

I am getting this response:

  "error": {
    "code": "InvalidAuthenticationToken",
    "message": "IDX14100: JWT is not well formed, there are no dots (.).
		The token needs to be in JWS or JWE Compact Serialization Format.
		(JWS): 'EncodedHeader.EndcodedPayload.EncodedSignature'.
		(JWE): 'EncodedProtectedHeader.EncodedEncryptedKey.EncodedInitializationVector.EncodedCiphertext.EncodedAuthenticationTag'.",
    "innerError": {
      "date": "2024-05-13T15:26:14",
      "request-id": "...",
      "client-request-id": "..."

Failed, response status code = 401

What am I doing wrong?


It’s probably because you didn’t set the Authorization header with the correct value of the access_token.  When you get an OAuth2 access token via the authorization code flow, or the client credentials code flow, you’ll get JSON formatted similar to this:

  "token_type": "Bearer",
  "scope": "...",
  "expires_in": 4220,
  "ext_expires_in": 4220,
  "access_token": "<base64_header>.<base64_payload>.<base64_signature>",
  "refresh_token": "...",
  "id_token": "...",
  "expires_on": "1666052240"

The “access_token” is a JWT composed of 3 base64 strings, each separated by a “.” char.  (See the above)

The Authorization header field in your HTTP request should look like this:

Authorization: Bearer <base64_header>.<base64_payload>.<base64_signature>

The string following “Bearer” is the value of the “access_token” member in the above JSON.

In Chilkat, you would do the following..

// This is C# code fragment, but the same applies to other programming languages using Chilkat.
Chilkat.JsonObject json = new Chilkat.JsonObject();
bool success = json.LoadFile("c:/tokens/myToken.json");

// Get the access_token member.
string accessToken = json.StringOf("access_token");

Chilkat.Http http = new Chilkat.Http();

// Setting the AuthToken property causes the "Authorization: Bearer " header to be added to each request.
http.AuthToken = accessToken;





Tags :