Hi ,
I am trying to Test the transactional messaging via Adobe Campaign Standard through API call.
We have gone through the following references regarding usage of Adobe Campaign Standard APIs:
https://helpx.adobe.com/campaign/kb/working-with-acs-api.html
https://console.adobe.io/integrations
https://www.adobe.io/apis/cloudplatform/
https://docs.campaign.adobe.com/doc/standard/en/api/ACS_API.html
Now the issue that we are facing is that We are receiving this error while trying to generate the access token using JWT and payload.
Server returned HTTP response code: 400 for URL: https://ims-na1.adobelogin.com/ims/exchange/jwt/
We checked it using POSTMAN. We are getting the below error. But using the Same JWT token we were able to generate access token earlier. We did not change anything in our code.
Any guess, what might be wrong here? W are stuck on this .
Any suggestion/help would be great.
Thanks
Senthil
Solved! Go to Solution.
Views
Replies
Total Likes
Hi Florent,
The issue is resolved now. I opened a case with spphelp@adobe.com. They helped us with this.
While trying to create the JWT Token in Adobe IO console. I was copying the key without the following(only the key part of it ).
------BEGIN PRIVATE KEY-----
-----END PRIVATE KEY-----
So it turns out that the entire content of the private key has to be copied in order to generate the JWT Token.I am able to generate it now.
Though the issue of JWT token is resolved via Adobe IO console. The initial issue is still not resolved.
When I am programmatically generating the JWT token, on further using this to generate the access token it is giving me errors.
Note : JWT token generated through Adobe IO console is different from the JWT Token generated via a java program. ( Ref. Adobe document,
It's under the topic Create JWT. Adding a snip for reference. Please let me know if there is any update on this.
Hi Senthil,
Can you try to generate private/public keys using this (and then generating a new JWT token):
openssl req -nodes -text -x509 -newkey rsa:2048 -keyout secret.pem -out certificate.pem -days 356
openssl pkcs8 -topk8 -inform PEM -outform DER -in secret.pem -nocrypt > secret.key
instead of what is mentioned in the docs:
openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:2048 -keyout private.key -out certificate_pub.crt
There seems to be a known issue in some cases with this one.
Let me know,
Florent
Views
Replies
Total Likes
Thanks florent .
I have used this command to generate public and private keys .. from Service Account Integration
Views
Replies
Total Likes
Hi Senthil,
Did it work for you? If you are still facing the problem, let us know.
Regards,
Amit
Views
Replies
Total Likes
I tried creating the JWT token from Adobe IO Console. And I am faced with below error. I have used these commands to create private and public keys.
# create the certificate and private key using openssl
$ openssl req -nodes -text -x509 -newkey rsa:2048 -keyout secret.pem -out certificate.pem -days 356
# convert private key to DER format
$ openssl pkcs8 -topk8 -inform PEM -outform DER -in secret.pem -nocrypt > secret.key
As far as using java to create tokens is concerned. I am able to create a JWT token with the same payload but that 's not working when I am using it to create the access token.
Views
Replies
Total Likes
We are still facing this problem.
Any pointers will really help.
-Thanks
Senthil
Views
Replies
Total Likes
Hi Senthil,
I just tried with my current implementation and it worked. I noticed I have one more line than you have in the payload:
"https://ims-na1.adobelogin.com/s/ent_user_sdk": true,
"https://ims-na1.adobelogin.com/s/ent_campaign_sdk": true,
This may not be the cause so can you also make sure that the private key is well formed?
Let me know,
Florent
Views
Replies
Total Likes
Hi Florent,
Regarding the extra lines in the payload. Aren't these values generated automatically after the integration is completed? We don't have to manually add/delete anything, I believe.
And I checked my private key contents.
The word RSA is missing in both begin and end statements in my private key file.
I used these commands to generate the certificate and private keys(using Cygwin terminal).
Reference : https://www.adobe.io/apis/cloudplatform/console/authentication/jwt_workflow.html
# create the certificate and private key using openssl
$ openssl req -nodes -text -x509 -newkey rsa:2048 -keyout secret.pem -out certificate.pem -days 356
# convert private key to DER format
$ openssl pkcs8 -topk8 -inform PEM -outform DER -in secret.pem -nocrypt > secret.key
Is there any other way(commands) to generate these keys?
-Thanks
Senthil
Views
Replies
Total Likes
Hi Senthil,
From what you describe, that should work. I'm surprised it doesn't. I'll try to investigate more on this.
In the meantime, do you have a way to try again from another machine?
I'm sorry that you're having this problem.
Let me know if you can try this.
Florent.
Views
Replies
Total Likes
Hi Senthil,
Referring to the original problem statement you provided a screenshot from Postman. It shows that the JWT cannot be decoded.
For that just above the key-value section you have opted for form-data. Instead you need to use x-www-form-urlencoded. You will not get the error then.
Regards,
Vipul
Views
Replies
Total Likes
Hi Florent,
I tried it from a different machine(created new certificate (uploaded and updated in the IO integration) and secret key. Again the same error occurred.
Is it possible that the key generation command that you are using is a different one? because the content of my private key file doesn't the word RSA in it.
-Senthil
Views
Replies
Total Likes
Hi Vipul,
Thanks for the reply.
I changed the form content type from form-data to x-www-form-urlencoded and tried it again. Now also the JWT Token error is persisting.
Note: It's programmatically generated (which by the way worked the first time we did it ), access token got generated and events were being called/invoked as well.
Then I came across the way to generate JWT token by using Adobe IO JWT tab.
Since the error in postman is telling us that the jwt token is incorrectly formatted. I thought I should generate the JWT token from there instead of creating it myself(which anyway is not generating the access token).
JWT token is not getting generated through Adobe IO console too.
Is there anything else that might be wrong ?
Regards
-Senthil
Views
Replies
Total Likes
Hi Senthil,
You should definitely have an RSA key pair if you used the given command so the fact that yours doesn't mention it should not be a problem. This is maybe due to the conversion to DER format.
I used an old key that I had generated some time ago the first time I integrated to Adobe I/O using a simple Mac terminal command, like ssh-keygen -t rsa
If you still don't manage get through this, I'd recommend contacting the Adobe I/O team here: Contact They may have some insight about the recent changes that were made to the token part.
Florent
Views
Replies
Total Likes
Hi Florent,
The issue is resolved now. I opened a case with spphelp@adobe.com. They helped us with this.
While trying to create the JWT Token in Adobe IO console. I was copying the key without the following(only the key part of it ).
------BEGIN PRIVATE KEY-----
-----END PRIVATE KEY-----
So it turns out that the entire content of the private key has to be copied in order to generate the JWT Token.I am able to generate it now.
Though the issue of JWT token is resolved via Adobe IO console. The initial issue is still not resolved.
When I am programmatically generating the JWT token, on further using this to generate the access token it is giving me errors.
Note : JWT token generated through Adobe IO console is different from the JWT Token generated via a java program. ( Ref. Adobe document,
It's under the topic Create JWT. Adding a snip for reference. Please let me know if there is any update on this.
Hi Vipul,
Thanks for pointing out the incorrect content-type in content type in POSTMAN request. I am getting the access token as a response via Postman request with the JWT Token generated from Adobe IO console now.
Regards
Senthil
Hi Florent,
we are facing the same issue that is reported here: we managed to get the token when we use the JWT generated by the Adobe IO console, while we get a "JWT token is incorrectly formatted, and can not be decoded." message when we use a JWT programmatically generated (Java snippet taken fron documentation).
From this thread is not clear if the issue is tracked or resolved.
Can you give us some hints on this topic?
Thanks.
Fabio.
Views
Replies
Total Likes
Hi Florent,
we find at long last an issue in documentation (Java snippet):
// Expiration time in seconds
Long expirationTime = 86400L;
Using setting this brings to generate an invalid JWT token.
If I correct using a value such as:
// Expiration time in seconds
Long expirationTime = 1523010380L;
(that is the value provided by default from the IO console)
the JWT is valid.
Please amend the documentation or provide a valid range of this paramenter.
Thanks.
Fabio
Views
Replies
Total Likes
Hi,
Has anyone been able to determine a reason the API is generating errors? I'm getting the following error message in the response when I import my curl into Postman:
{"error_code": "401013",
"message": "Oauth token is not valid"
}
Per the previous suggestions I've generated a token using both:
openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:2048 -keyout private.key -out certificate_pub.crt
AND
openssl req -nodes -text -x509 -newkey rsa:2048 -keyout secret.pem -out certificate.pem -days 356
But neither seems to generate a valid JVT token.
The frustrating part is that, the first couple of times I did this, I received a valid response, something like the sample:
{
"id": 438180,
"name": "My new offer",
"content": "<div>The content of the offer</div>",
"modifiedAt": "2017-07-10T20:46:53Z"
}
For the past couple of days, no such luck.
Does anyone know what the root cause is?
Views
Replies
Total Likes
I have same issue but still not get help from adobe help desk, last time they asked about environment which I have worked on and that`s it , whole day no response. My case number is 01165769.
{
"error_description": "Could not match JWT signature to any of the bindings",
"error": "invalid_token"
}
If you would help, I really appreciate it. Thank you
Views
Replies
Total Likes
Hi, did you get the issue with
"error_code": "401013",
"message": "Oauth token is not valid"
}
when using Postman resolved in some way? or did it just start to work again?
Views
Replies
Total Likes
I was also receiving an error and for me when I changed to x-www-form-urlencoded It worked just fine.
Views
Replies
Total Likes
Views
Likes
Replies