Using REST API with JWT_TOKEN

Hello everyone!

Trying to figure out how to use lora_app_serv API. Need a helping hand…
What I’ve done:

  1. Generated and set JWT_SECRET in /etc/default/lora-app-server as follows (deleted ‘=’ symbol at the end of the line, it’s ok?):

JWT secret used for api authentication / authorization
You could generate this by executing ‘openssl rand -base64 32’ for example
JWT_SECRET=I1NtY21SMC1X4+lfjbfupgc3+tgqMao2SXICGuPq9JI

  1. Claimed new JWT using https://jwt.io/ with the following payload:

{
“iss”: “lora-app-server”,
“aud”: “lora-app-server”,
“nbf”: 1508748150,
“exp”: 1600000000,
“sub”: “admin”,
“username”: “admin”
}

and with mentioned above SECRET.

So I got encoded JWT TOKEN, something like this:

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJsb3JhLWFwcC1zZXJ2ZXIiLCJhdWQiOiJsb3JhLWFwcC1zZXJ2ZXIiLCJuYmYiOjE1MDg3NDgxNTAsImV4cCI6MTYwMDAwMDAwMCwic3ViIjoiYWRtaW4iLCJ1c2VybmFtZSI6ImFkbWluIn0.klWiqVwZg2BzHLgNPKTokci3aEG1HSttK1ro37VRxRI

What I’ try to do:
I open the web-page at, for example, https://localhost:8080/api#!/Application/List and paste the TOKEN at the top right corner of the form (where it has to be). Next I open any form (let’s say it is something like
get /api/applications) enter required info at the fields and push Try it out button. And I get this error:

{
“error”: “authentication failed: jwt parse error: signature is invalid”,
“code”: 16
}

What I’m doing wrong? It says that signature is invalid. I’m new to this so don’t kick hard))

Please use sub: user instead of admin as you try to authenticate an user :slight_smile: However, that is not this issue.

When I try to validate your JWT token:

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJsb3JhLWFwcC1zZXJ2ZXIiLCJhdWQiOiJsb3JhLWFwcC1zZXJ2ZXIiLCJuYmYiOjE1MDg3NDgxNTAsImV4cCI6MTYwMDAwMDAwMCwic3ViIjoiYWRtaW4iLCJ1c2VybmFtZSI6ImFkbWluIn0.klWiqVwZg2BzHLgNPKTokci3aEG1HSttK1ro37VRxRI

With secret:

I1NtY21SMC1X4+lfjbfupgc3+tgqMao2SXICGuPq9JI

At jwt.io, it also says invalid signature. Probably the issue is that you ticked the “secret is base64 encoded” box. In this case your secret is base64 encoded, but basically every string can be used. The openssl example is just an example to get a random string (which happens to be base64).

Re-generate the JWT token without this box checked and I think it should work :slight_smile:

1 Like

Thank you Orne!
Now it works. The right sequence is to put secret first in form and then put payload. The form seems to be processing the payload using secret. You can not encode something with no secret sat)

I made everything as you described. And as a result too majority. I can be not incorrect that I insert it. You could not generate to me JWT and the hint it, where to insert that it will just be convinced that REST works

Hey! Try this one:
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJsb3JhLWFwcC1zZXJ2ZXIiLCJhdWQiOiJsb3JhLWFwcC1zZXJ2ZXIiLCJuYmYiOjE0ODk1NjY5NTgsImV4cCI6MTUxNDc2NDgwMCwic3ViIjoidXNlciIsInVzZXJuYW1lIjoiYWRtaW4ifQ.eC7uVLyWBXjj0WiUVk2MPStFCgVlVUgOfl1nA8zQm0A

Thank you. It’s work

Hello everyone, I apologize for bumping the thread after three years. This is my first post here and so far I have been able to get the server up and running, added a gateway, two devices, had successful data movement and I was even able to integrate the application server with Influxdb and visualise it with Grafana. However I was trying to work with the HTTP API integration, and failed. Here are further details:
In the api page, I obtained the JWT Token from internal login and verified the key using jwt.io. I then entered the JWT key and reloaded the page. When I went to the device eui section, I did not get a dropdown with the list of device EUIs. When I entered the device EUI manually, it threw the following error:

{
“error”: “authentication failed: get token from context error: no authorization-data in metadata”,
“code”: 16,
“message”: “authentication failed: get token from context error: no authorization-data in metadata”,
“details”: []
}

I looked at another post which was redirected to this post regarding the same issue. All the posts seem to have been a JWT configuration issue. However I don’t think I have those issues and so I had to bring this topic back up. I am new to APIs, never have worked with them before so I hope I get some advice on this.

{
“content-length”: “220”,
“content-type”: “application/json”,
“date”: “Thu, 08 Oct 2020 [09:10:48]GMT”,
“grpc-metadata-content-type”: “application/grpc”,
“grpc-metadata-ctx-id”: “id”, (I replaced the id here)
“grpc-metadata-trailer”: “Grpc-Status, Grpc-Message, Grpc-Status-Details-Bin”
}

This is the response header.

Thanks in advance! :smiley:
Vish

Hello everyone, I was able to solve it, but it only works on Firefox and does not work on both Chrome and Edge. Is there any particular reason for this? And is there any workaround? Will this issue also persist if say one day I want to make an App and call data from the server using the API?

Vish