4 posts / 0 new
Last post
Lina Abu Nuwar
Payment Initiation API: POST /payments --- to send payment info and third party permissions to access the bank customer's data a
when i try to encode x-jws-signature   with private key i  used HS256 its retrieve Error code 401: {"fault":{"faultstring":"Algorithm mismatch: policy(Verify-JWT)","detail":{"errorcode":"steps.jwt.AlgorithmMismatch"}}} ,   and when i try to use RS256  i used    java.security.Privatekey Object this is  Sample Code :  PrivateKey privKey = null; try{ String pkcs8Pem = KEY.toString(); byte [] pkcs8EncodedBytes = Base64.decode(pkcs8Pem, Base64.DEFAULT); PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(pkcs8EncodedBytes); KeyFactory kf = KeyFactory.getInstance("RSA"); privKey = kf.generatePrivate(keySpec); System.out.println(privKey); } catch (Exception e){ e.printStackTrace(); } , this sample change the private key signature and retrieve Error code 401: {"fault":{"faultstring":"Invalid token: policy(Verify-JWT)","detail":{"errorcode":"steps.jwt.InvalidToken"}}} ,  what  shoulid i use  to be correctly ecnription 

ramezsw
sandbox key algorithm

HI, currently supported algorithm is RSA-256 (RS256). 

you can try to create the JWT on jwt.io and try the request on postman or the interactive doc, only when it returns the successful response you should implement it in code.

Make sure you specify the algorithm in the JWT header. And the body of your JWT should match the request's JSON payload, otherwise it will return with the invalid token error.

More information about the structure of the JWT is explained here.

 


Lina Abu Nuwar
sandbox key algorithm
i tried the api on itenractive doc  and it returned 201 created . my problem in the code   ,  when i  used private key  object it changed the signature of private key  .   check the previous sample code  that i sent.        

samershihabi
sandbox key algorithm

Hello Lina,

If the API returned a succesful response, then your JWT is valid. The problem is in your java code for creating a JWT, just try creating the key in java and debug different approaches, then compare it to the JWT used in the succesful response. We have a solution to create the JWT in javascript to help beginners, but code for JWT creation for different languages is publically available on the internet.

 

Regards,

Samer


Add new comment