I get this error while Oidc authentication com.nimbusds.jose.proc.BadJOSEException: Signed JWT rejected: Another algorithm expected, or no matching key(s) found I see key not matching

Naga Dheeraj M 20 Reputation points
2024-03-06T05:05:12.77+00:00

com.nimbusds.jose.proc.BadJOSEException: Signed JWT rejected: Another algorithm expected, or no matching key(s) found I see key not matching I used the same jwks_ui I see at https://login.microsoftonline.com/{tenant-id}/v2.0/.well-known/openid-configuration But, the key extracted from id_token doesn't match with any of the keys retrieved.

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
21,731 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Navya 10,870 Reputation points Microsoft Vendor
    2024-03-06T10:49:17.29+00:00

    Hi @Naga Dheeraj M

    Thank you for posting this in Microsoft Q&A.

    This error message seems like there is an issue with the key extracted from the id_token not matching with any of the keys retrieved.

    In order to fix this issue, please follow the below steps:

    1.Ensure you've selected the correct signing algorithm (RS256) The header of the JWT contains information about the key and encryption method used to sign the token.

    2.Verify that the kid (key ID) received from the JWKS URI matches the kid extracted from the token

    3.Check that the iss (issuer) claim in the JWT matches the expected value. If the iss claim does not match, it could indicate that the JWT was issued by a different OpenID Connect provider.

    4.Ensure you have entered correct tenant id.

    You can also refer to this post where similar issue has been discussed:

    https://stackoverflow.com/questions/69325795/signed-jwt-rejected-another-algorithm-expected-or-no-matching-keys-found

    https://stackoverflow.com/questions/56638408/an-error-occurred-while-attempting-to-decode-the-jwt-signed-jwt-rejected-anoth

    Hope this helps. Do let us know if you any further queries.

    Thanks,

    Navya.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.