Hi, I am trying to implement JWT with Tyk and checking whether it is working fine using Postman. But I am getting one of these two errors in response:
"error": "Key not authorized"
"error": "Key not authorized: no matching policy found"
Can anyone please let me know the flow from the start and also suggest what I should send in the Postman header and payload? Especially what I should send in "kid".
@Shubham_Jain looking at your payload, you have “Policy ID” as your policy claim. That’s a pretty bad idea: it’s a JSON object, so while keys can indeed be any kind of string, it might just be easier to use pol or policy.
Now you have set the policy field name in your dashboard to be “policy”, looking at your JWT payload, there is no field called “policy”, but you have one called “Policy ID”, maybe if you rename the payload version to policy, Tyk will be able to find the policy ID that you want to apply to this JWT.
Thanks @Yaara for pointing out my mistake. I changed the JWT signing method from RSA to HMAC (Shared) in my API and it's working fine this time. I tried this in previous attempts too, but maybe I was missing something that time.
NP
If it matched in previous tests then it was the policy tag that was not matching (that’s the way you can configure Tyk to look up the policy in your token).
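
The claim-name mismatch discussed in this thread, as an added example that is not from any poster and is not Tyk's code: a simplified model of a gateway-side check for an HMAC-signed JWT whose policy ID is read from a configured claim name. The secret, policy ID, function names and result strings are constructed for illustration.

```python
import base64, hashlib, hmac, json

SECRET = b"constructed-shared-secret"      # constructed sample value
POLICIES = {"constructed-policy-id"}       # constructed sample policy ID

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign_hs256(claims: dict, secret: bytes) -> str:
    """Build the compact HS256 token a client would send as a Bearer value."""
    parts = [{"alg": "HS256", "typ": "JWT"}, claims]
    signing_input = ".".join(
        b64url(json.dumps(p, separators=(",", ":")).encode()) for p in parts)
    sig = hmac.new(secret, signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + b64url(sig)

def check_token(token, secret, policy_field, known_policies) -> str:
    """Hypothetical model of the gateway-side check (not Tyk's implementation)."""
    try:
        head_b64, body_b64, sig_b64 = token.split(".")
        header = json.loads(b64url_decode(head_b64))
        claims = json.loads(b64url_decode(body_b64))
        sig = b64url_decode(sig_b64)
    except ValueError:
        return "malformed token"
    if not isinstance(header, dict) or not isinstance(claims, dict):
        return "malformed token"
    # Accept only the signing method configured for the API.
    if header.get("alg") != "HS256":
        return "unexpected signing method"
    expected = hmac.new(secret, (head_b64 + "." + body_b64).encode(),
                        hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):
        return "bad signature"
    # The policy ID is read from the configured claim name, matched exactly.
    policy_id = claims.get(policy_field)
    if not isinstance(policy_id, str) or policy_id not in known_policies:
        return "no matching policy"
    return "ok"

if __name__ == "__main__":
    for name in ("policy", "Policy ID"):
        tok = sign_hs256({"sub": "user-1", name: "constructed-policy-id"}, SECRET)
        print(repr(name), "->", check_token(tok, SECRET, "policy", POLICIES))
```

In this model, a token signed with the right secret is still rejected when its claim is named "Policy ID" while the configured field name is "policy".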