JWT - signature is invalid

Hi All,

I am trying to generate my own JWT token and use it from my application to communicate to the Lora App Server when calling the REST api on there.

What I have done
Used JWT library “io.jsonwebtoken:jjwt:0.9.0” in Java to generate the token using the following 2 methods I created.

public String generateLoraToken(final String username, final String password, String secret) {
    Map<String, Object> claims = new HashMap<>();

    claims.put("iss", "lora-app-server");
    claims.put("aud", "lora-app-server");
    claims.put("sub", "user");
    claims.put("username", username);

    claims.put("exp", CalendarUtil.addWeeksToDate(new Date(), 104).getTime());
    return generateToken(claims, secret);

private String generateToken(Map<String, Object> claims, String secret) {
    return Jwts.builder()
            .signWith(SignatureAlgorithm.HS256, secret)

The secret was generated from openssl command with base64 encoded. This is the secret that is stored in the lora-app-server.toml file in jwt_secret property.

When I generate the JWT token from my code and try to use in the TOKEN field in the API web page of the Lora App Server I get the signature invalid error.

“error”: “authentication failed: jwt parse error: signature is invalid”,
“message”: “authentication failed: jwt parse error: signature is invalid”,
“code”: 16,
“details”: []

If I take the JWT token and paste it into jwt.io it says that it is a valid signature.

What am I doing wrong?


Hi All,

I figured out what was going on…

The API call on the Java JWT lib method signWith(…) takes a base64Encode String, which is used to digitally sign JWT token.

I simply needed to convert this to a byte[] and used it to sign the JWT token.

signWith(SignaureAlgorithm.HS256, secret.getBytes())