help request: missing user key in JWT token #11365

Open
bakuppus opened this issue Jun 19, 2024 · 4 comments

@bakuppus

Description

Our existing JWT token payload does not contain key, due to which we are getting the error "missing user key in JWT token".
Here Apache APISIX expects a specific key in the JWT payload, which is not present in our existing token.

Does Apache APISIX's jwt-auth plugin require the key value defined in the consumer?

How can we resolve this issue without modifying our existing token payload?

bala@kubelancer ~ % curl -s -i -X GET "httpbin1.poc.kubelancer.net/get?foo1=bar1&foo2=bar2" -H "Authorization: Bearer ${TOKEN}"
HTTP/1.1 401 Unauthorized
Date: Tue, 18 Jun 2024 12:54:08 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: APISIX/3.9.1

{"message":"missing user key in JWT token"}
bala@kubelancer ~ %

Environment

  • APISIX version (run apisix version):
  • Operating system (run uname -a):
  • OpenResty / Nginx version (run openresty -V or nginx -V):
  • etcd version, if relevant (run curl http://127.0.0.1:9090/v1/server_info):
  • APISIX Dashboard version, if relevant:
  • Plugin runner version, for issues related to plugin runners:
  • LuaRocks version, for installation issues (run luarocks --version):
@hanqingwu
Contributor

Yes, key is required.
https://apisix.apache.org/docs/apisix/plugins/jwt-auth/

@TheShubhendra

I am also getting the same issue. Our JWT tokens have sub as a key for user_id. Where can I set this key when enabling the jwt-auth plugin for routes?

@untilyou2605

> I am also getting the same issue. Our JWT tokens have sub as a key for user_id. Where can I set this key when enabling the jwt-auth plugin for routes?

Hey @TheShubhendra, have you solved this problem? I got the same issue.
This is my config:

"plugins": {
  "jwt-auth": {
    "_meta": { "disable": false },
    "cookie": "jwt",
    "header": "authorization",
    "hide_credentials": false,
    "key": "sub",
    "query": "jwt",
    "secret": "dssaaaxc12"
  }
}

@TheShubhendra

@untilyou2605 I have added a key field to the JWT payload. In the consumer configuration, you need to specify the value of the key that the jwt-plugin should verify.

For example, if you have two types of API consumers—user and admin:

  • The JWT for a user should include key: "user".
  • The JWT for an admin should include key: "admin".

When creating consumers in APISIX:

  • Set key: user for the user consumer.
  • Set key: admin for the admin consumer.

This ensures that the jwt-plugin validates the JWT against the correct consumer type based on the key field.
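
The lookup this thread describes, modelled as an added Python example (not APISIX's code and not written by anyone in the thread): the payload's key claim only selects a consumer, and the signature must then verify under that consumer's secret. The consumer names, secrets and every error string except "missing user key in JWT token" are constructed, and expiry checks are left out.

```python
import base64
import hashlib
import hmac
import json

# Constructed consumers: jwt-auth key -> (consumer name, signing secret).
CONSUMERS = {
    "user": ("user_consumer", "constructed-user-secret"),
    "admin": ("admin_consumer", "constructed-admin-secret"),
}

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign_hs256(payload: dict, secret: str) -> str:
    """Mint a compact HS256 JWT (what the token issuer does)."""
    header = b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = b64url(json.dumps(payload).encode())
    mac = hmac.new(secret.encode(), f"{header}.{body}".encode(), hashlib.sha256)
    return f"{header}.{body}.{b64url(mac.digest())}"

def authenticate(token: str) -> tuple[int, str]:
    """Model of the gateway check: (HTTP status, consumer name or error)."""
    try:
        header_b64, body_b64, sig_b64 = token.split(".")
        header = json.loads(b64url_decode(header_b64))
        payload = json.loads(b64url_decode(body_b64))
        sig = b64url_decode(sig_b64)
    except (ValueError, TypeError):
        return 401, "malformed token"
    # Pin the algorithm; never let the token pick how it is verified.
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        return 401, "unsupported token"
    # The key claim is read from the still-unverified payload. It is a
    # selector for the consumer, not proof of identity.
    key = payload.get("key") if isinstance(payload, dict) else None
    if not isinstance(key, str) or not key:
        return 401, "missing user key in JWT token"
    consumer = CONSUMERS.get(key)
    if consumer is None:
        return 401, "unknown consumer key"
    name, secret = consumer
    signed = f"{header_b64}.{body_b64}".encode()
    expected = hmac.new(secret.encode(), signed, hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):
        return 401, "signature mismatch"
    return 200, name
```

A token that carries only sub fails before any signature check, and a token claiming key "admin" but signed with the user consumer's secret is rejected at the signature step.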
