Share via

Exchange Token Validation Error with a JWT from Exchange Microservice

Paul Stempel 0 Reputation points
2024-02-11T16:12:21.1033333+00:00

Hello! I am struggling with the validation of the Exchange Token. The documented process on how to validate the token worked for a long time but does not anymore. Please see "Validate token contents" here Office 365 Exchange MicroserviceOffice 365 Exchange Microservice for the documentation. I assume the validation failed due to the missing x5t in https://outlook.office365.com/autodiscover/metadata/json/1 The error is: IDX10501: Signature validation failed. Unable to match key: kid: 'System.String'. Exceptions caught: 'System.Text.StringBuilder'. token: 'System.IdentityModel.Tokens.Jwt.JwtSecurityToken' It is obious that something changed. The JWT says that the app is "Office 365 Exchange Microservice" now. I would be grateful if you could give me a hint how to validate the new JWT from the Exchange Microservice. Best regards
Paul

Exchange Online
Exchange Online
A Microsoft email and calendaring hosted service.
6,171 questions
Exchange Exchange Server Development
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Miguel Gonçalves 971 Reputation points
    2024-06-11T22:38:12.94+00:00

    Hi Paul,

    If the JWT you’re trying to validate lacks the x5t parameter, it might be due to changes in the token generation process or the certificate used. The absence of x5t could lead to signature validation failures, as you’ve observed.

    The absence of x5t might indicate a change in the token generation process. Ensure that the certificate used for signing is correctly configured.

    You may need validate the new JWT from the Exchange Microservice - retrieving the public key, checking the thumbprint and verifying the signature.

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.