Expand my Community achievements bar.

https://ims-na1.adobelogin.com/ims/exchange/jwt always returns 503

Avatar

Level 1

Hello, 

I'm trying to receive an Access Token following the instructions here: https://developer.adobe.com/developer-console/docs/guides/authentication/JWT/

 

I've tried using PostMan with these parameters as instructed:

 

Method: POST
URLhttps://ims-na1.adobelogin.com/ims/exchange/jwt

 

Headers: 

Key Value
Content-Type application/x-www-form-urlencoded
Cache-Control no-cache 

 

Body: (checked x-www-url-form-encoded)

Key Value
client_id  <redacted>
client_secret  <redacted>
jwt_token   <redacted> - generated according to the doc

 

I've also tried using plain old cURL, this is a sample of what I've sent (note anything `< >` enclosed is redacted for sensitivity):

curl -v -H 'Content-Type: application/x-www-form-urlencoded' -H 'Cache-Control: no-cache' -d 'client_id=<redacted>&client_secret=<redacted>&jwt_token=<jwt-header>.<jwt-claims>.<signed-string>
' https://ims-na1.adobelogin.com/ims/exchange/jwt
 
But I get the same 503 response whether I use Postman or cURL. Is the service truly down or is something off in my requests? I've tried over several days and it's always the same issue.



Topics

Topics help categorize Community content and increase your ability to discover relevant content.

3 Replies

Avatar

Level 1

Ok, wow. Someone please update the Adobe documentation, it's missing crucial details, I'm still trying to figure some out.

I fixed the issue from Postman, but still can't get the cURL version to work. 

 

To hit https://ims-na1.adobelogin.com/ims/exchange/jwt , setup your Postman like the following: 

 

Method: POST
URLhttps://ims-na1.adobelogin.com/ims/exchange/jwt

 

Headers: 

Key Value
Content-Type multipart/form-data

 

Notice there's no "cache-control" and also the required Content-Type value is `multipart/form-data`, instead of what their documents recommend. 

 

Body: (check "form-data" button) - only difference from what I had above

Key Value
client_id  <redacted>
client_secret  <redacted>
jwt_token   <redacted> - generated according to the doc

 

Now, getting the cURL version to work according to their specification in this doc is my next challenge. 

 

When I try to use their command with the EXACT same values as I used in Postman:

curl -X POST https://ims-na1.adobelogin.com/ims/exchange/jwt \
-H 'Content-Type: multipart/form-data' \
-F 'client_id={API_KEY}' \
-F 'client_secret={SECRET}' \
-F 'jwt_token={JWT}'

I get 

{"error_description":"Could not match JWT signature to any of the bindings","error":"invalid_token"}

 in response. Wish me luck, please provide any insights if you know them.  

Avatar

Level 1

Agh. So that error message is either willfully misleading or just wrong. 

 

The above error message is what you get when you try to reuse the JWT you generate on your local server on subsequent requests. 

I was: generating the JWT and using that for the jwt_token= value in my Postman attempts. it returned a body with a populated access_token in it. I then was taking that same JWT token and trying the cURL command above, and that's what was causing the 

Could not match JWT signature to any of the bindings

response. 

So please note, don't recycle your JWT tokens. Generate a fresh one on every request. The documentation here seems more up to date than the original docs I posted.

Avatar

Community Advisor

Hey,

 

Were you using the AEM cloud and have you implemented this on AEM servlet?

 

because with servlet, I am getting 400, when trying to hit the exchange token URL and it's working fine in localhost.