Expand my Community achievements bar.

Help shape the future of AI assistance by participating in this quick card sorting activity. Your input will help create a more effective system that better serves your needs and those of your colleagues.
SOLVED

Regarding JWT Metascope

Avatar

Level 2

Hi,

I am trying to automate the manual process of creating Property, etc using Launch API.

I generated JWT programmatically so that I can exchange it for an access token. However, access token can not be obtained as I am getting the following error on my terminal:

{"error_description":"The metascopes in the JWT are not a subset of the metascopes in the binding.","error":"invalid_scope"}

I have gone through: https://www.adobe.io/authentication/auth-methods.html#!AdobeDocs/adobeio-auth/master/JWT/Scopes.md​, which shows the API-specific metascope.

I am sure I have included it correctly in my program, also User Management API and I/O Management API is enabled under Services tab in my Adobe Console Integration, of which credentials are being used.

Help is appreciated.

Thanks

1 Accepted Solution

Avatar

Correct answer by
Level 2

@jayg26932123  issue is related to payload data where you have incorrect url of metascope. Please check the jwt tab in the Adobe IO integration , you will get the correct url required for the payload. I faced the similar issue and after taking the metscope mentioned in the integration, it worked for me. I got the access token using python programming. 

View solution in original post

5 Replies

Avatar

Correct answer by
Level 2

@jayg26932123  issue is related to payload data where you have incorrect url of metascope. Please check the jwt tab in the Adobe IO integration , you will get the correct url required for the payload. I faced the similar issue and after taking the metscope mentioned in the integration, it worked for me. I got the access token using python programming. 

Avatar

Level 5

I still didn't get it. The url I am using is `/ims/exchange/jwt/` with the prefix as `https://ims-na1.adobelogin.com`. However I am not sure about metascope?

 

This is my metascope: `https://ims-na1.adobelogin.com/s/ent_aem_cloud_api` and this is how jsonPayload looks like:

 

const jwtPayload = {
		exp: Math.round(300 + Date.now() / 1000),
		iss: orgId,
		sub: technicalAccountId,
		aud: `${ims}/c/${clientId}`,
		[`${ims}/s/${metaScope}`]: true,
	};

Can someone help me understand what's going wrong here?

Avatar

Level 1

Hello,

 

I'm facing the same issue right now : my metascope is the first of this list but I still get the error. Did you find any solution ?

Thanks