I'm using Azure B2C and upon successful authentication, I've set it to redirect to jwt.io. The token header I'm seeing there is
{
"typ": "JWT",
"alg": "RS256",
"kid": "[censored]"
}
And all the claims are returned in the body, so that part is fine, I guess. But when I scroll to the bottom I have the following error message:
Invalid Signature
When I scroll back up and change the algorithm to any ha algorithm, it works.
If I understand correctly, Azure is sending out a ha-decodable JWT but saying it's RS256? I've read that Azure only supports ha tokens for custom policies, which I don't have.
Any help is appreciated :] Thank You!
CodePudding user response:
It's described here.
You need to get the key from the B2C .well-known/openid-configuration endpoint and then paste it in as per the article.
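Worked example of what the answer describes, added here and not part of the original thread or of any Azure SDK: the `.well-known/openid-configuration` document carries a `jwks_uri`, that URL returns the issuer's public keys as a JWK set, and the key whose `kid` matches the token header is the one that verifies the RS256 signature (the same JWK, or its PEM form, is what jwt.io needs in its public-key box). The script is standard-library only and runs offline: the RSA key pair, discovery document, JWKS, `kid`, issuer URLs and claims are all constructed for the demo, and `fetch_jwks` stands in for the HTTPS GET. It also shows the check a real verifier must make before any key lookup: pin the algorithm to RS256 and reject a token whose header says anything else, because letting the header choose the algorithm is the classic JWT algorithm-confusion mistake.

```python
"""Added example (stdlib only): verify an RS256 JWT by resolving the header's kid
against the JWKS named by the OpenID discovery document's jwks_uri. The key pair,
discovery document, JWKS, kid and claims below are all constructed for the demo."""
import base64
import hashlib
import json
import random

_SHA256_DIGESTINFO = bytes.fromhex("3031300d060960864801650304020105000420")  # RFC 8017 9.2

def b64url_decode(s):
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def b64url_encode(b):
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode()

def _emsa_pkcs1_v15(msg, k):
    """EMSA-PKCS1-v1_5 encoding of SHA-256(msg), padded to k bytes."""
    t = _SHA256_DIGESTINFO + hashlib.sha256(msg).digest()
    return b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t

def rs256_verify(jwk, signing_input, sig):
    """RSASSA-PKCS1-v1_5 check of sig over signing_input using the JWK's n and e."""
    n = int.from_bytes(b64url_decode(jwk["n"]), "big")
    e = int.from_bytes(b64url_decode(jwk["e"]), "big")
    k = (n.bit_length() + 7) // 8
    if len(sig) != k:                      # RFC 8017: wrong-length signature is invalid
        return False
    return pow(int.from_bytes(sig, "big"), e, n).to_bytes(k, "big") == _emsa_pkcs1_v15(signing_input, k)

def verify_token(token, discovery, fetch_jwks):
    """Return (status, claims); claims is None unless status == 'ok'.
    fetch_jwks(url) stands in for the HTTPS GET of discovery['jwks_uri']."""
    h_b64, p_b64, s_b64 = token.split(".")
    header = json.loads(b64url_decode(h_b64))
    if header.get("alg") != "RS256":       # pin the algorithm; the header does not choose it
        return "alg-rejected", None
    keys = fetch_jwks(discovery["jwks_uri"])["keys"]
    jwk = next((k for k in keys if k.get("kty") == "RSA" and k.get("kid") == header.get("kid")), None)
    if jwk is None:                        # unknown kid: refetch JWKS on rotation, never guess
        return "unknown-kid", None
    if not rs256_verify(jwk, f"{h_b64}.{p_b64}".encode(), b64url_decode(s_b64)):
        return "bad-signature", None
    return "ok", json.loads(b64url_decode(p_b64))

# Constructed issuer side: demo key pair and token signing (a client never needs this).
def _is_probable_prime(n, rounds=16):
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):                # Miller-Rabin
        x = pow(random.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def generate_rsa(bits=1024):
    """Demo-sized key (n, e, d); far too small for real use."""
    def prime(b):
        while True:
            c = random.getrandbits(b) | (1 << (b - 1)) | 1
            if _is_probable_prime(c):
                return c
    while True:
        p, q = prime(bits // 2), prime(bits // 2)
        n, phi = p * q, (p - 1) * (q - 1)
        if p != q and phi % 65537 and n.bit_length() == bits:
            return n, 65537, pow(65537, -1, phi)

def make_token(header, payload, n, d):
    """Issuer side: sign header.payload with private exponent d (RS256)."""
    enc = lambda o: b64url_encode(json.dumps(o, separators=(",", ":")).encode())
    signing_input = f"{enc(header)}.{enc(payload)}"
    k = (n.bit_length() + 7) // 8
    m = int.from_bytes(_emsa_pkcs1_v15(signing_input.encode(), k), "big")
    return f"{signing_input}.{b64url_encode(pow(m, d, n).to_bytes(k, 'big'))}"

def demo():
    """Four cases a verifier must get right; returns the status of each."""
    n, e, d = generate_rsa()
    kid = "demo-kid-1"                     # assumed; B2C kids are opaque strings
    b64int = lambda x: b64url_encode(x.to_bytes((x.bit_length() + 7) // 8, "big"))
    discovery = {"issuer": "https://example-b2c.invalid/v2.0/",
                 "jwks_uri": "https://example-b2c.invalid/discovery/v2.0/keys"}
    jwks = {"keys": [{"kty": "RSA", "use": "sig", "kid": kid, "n": b64int(n), "e": b64int(e)}]}
    fetch = lambda url: jwks if url == discovery["jwks_uri"] else {"keys": []}
    claims = {"iss": discovery["issuer"], "sub": "constructed-user", "exp": 4102444800}
    good = make_token({"typ": "JWT", "alg": "RS256", "kid": kid}, claims, n, d)
    h, _, s = good.split(".")              # keep header and signature, swap the claims
    tampered = f"{h}.{b64url_encode(json.dumps({'sub': 'attacker'}).encode())}.{s}"
    confused = make_token({"typ": "JWT", "alg": "HS256", "kid": kid}, claims, n, d)
    rotated = make_token({"typ": "JWT", "alg": "RS256", "kid": "retired-kid"}, claims, n, d)
    return {"valid": verify_token(good, discovery, fetch),
            "tampered": verify_token(tampered, discovery, fetch)[0],
            "alg_confusion": verify_token(confused, discovery, fetch)[0],
            "unknown_kid": verify_token(rotated, discovery, fetch)[0]}

if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

Against a real tenant, `discovery` is the parsed `.well-known/openid-configuration` document and `fetch_jwks` is an HTTPS GET of its `jwks_uri` (cache the result and refetch once on an unknown `kid`, since B2C rotates signing keys). The `alg_confusion` case is the point behind the question: a token whose header claims HS256 is refused before any key is looked up, rather than being re-checked under whatever algorithm the header names.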