Join the #BuildWithBuildAgent Challenge! Get recognized, earn exclusive swag, and inspire the ServiceNow Community with what you can build using Build Agent.  Join the Challenge.

Invalid JWT Signature on OAuth OIDC Provider

EduAr
Tera Contributor

‎12-12-2023 12:11 PM

Hey there,

I'm attempting to retrieve data from my ServiceNow instance using a token generated by a custom identity provider. I've configured an OAuth OIDC Provider in my application, but I'm encountering this error when I make a request:

OIDC token verification failed: com.snc.platform.security.oauth.OAuthRequestProblemException: Invalid JWT Signature: com.snc.platform.security.oauth.jwt.AbstractJWTVerifier.verify(AbstractJWTVerifier.java:321)
com.snc.platform.security.oauth.oidc.OIDCJWTVerifier.verify(OIDCJWTVerifier.java:94)
com.snc.platform.security.oauth.oidc.OIDCProvider.verifyJWTToken(OIDCProvider.java:263)
com.snc.platform.security.oauth.OpenIDConnectIDTokenUserLoader.load(OpenIDConnectIDTokenUserLoader.java:48)
com.snc.platform.security.oauth.OAuthTokenHandler.load(OAuthTokenHandler.java:60)
com.glide.sys.User.loadByOAuthOauthToken(User.java:679)
com.glide.sys.User.authenticateUsingOAuthToken(User.java:586)
com.glide.sys.User.authenticateOAuthAccessToken(User.java:562)
com.glide.sys.User.authenticateOAuthAccessToken(User.java:550)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
java.base/java.lang.reflect.Method.invoke(Method.java:566)
org.mozilla.javascript.MemberBox.invoke(MemberBox.java:138)
org.mozilla.javascript.NativeJavaMethod.call(NativeJavaMethod.java:300)
org.mozilla.javascript.ScriptRuntime.doCall(ScriptRuntime.java:2652)
org.mozilla.javascript.Interpreter.interpretLoop(Interpreter.java:1518)
org.mozilla.javascript.Interpreter.interpret(Interpreter.java:830)
org.mozilla.javascript.InterpretedFunction.lambda$call$0(InterpretedFunction.java:160)
com.glide.caller.gen.sys_script_include_65af6200d7022100f20bc8170e6103aa_script.call(Unknown Source)
com.glide.script.ScriptCaller.call(ScriptCaller.java:22)
org.mozilla.javascript.InterpretedFunction.call(InterpretedFunction.java:159)
org.mozilla.javascript.ContextFactory.doTopCall(ContextFactory.java:597)
org.mozilla.javascript.ScriptRuntime.doTopCall(ScriptRuntime.java:3573)
org.mozilla.javascript.InterpretedFunction.call(InterpretedFunction.java:157)
org.mozilla.javascript.ScriptRuntime.doCall2(ScriptRuntime.java:2734)
org.mozilla.javascript.ScriptRuntime.doCall(ScriptRuntime.java:2657)
org.mozilla.javascript.ScriptableObject.callMethod(ScriptableObject.java:2437)
org.mozilla.javascript.ScriptableObject.callMethod(ScriptableObject.java:2409)
com.glide.script.RhinoObject.callFunction(RhinoObject.java:169)
com.glide.script.GlideRhinoObject.callFunction(GlideRhinoObject.java:156)
com.glide.script.RhinoObject.callFunction_String(RhinoObject.java:202)
com.glide.script.RhinoObject.callFunction_String(RhinoObject.java:199)
com.glide.sys.authenticate.HTTPAuthenticate.invokeScript(HTTPAuthenticate.java:224)
com.glide.sys.authenticate.HTTPAuthenticate.scriptedAuthorization(HTTPAuthenticate.java:192)
com.glide.sys.authenticate.HTTPAuthenticate.authenticate(HTTPAuthenticate.java:79)
com.glide.sys.authenticate.AuthProxy.authenticate(AuthProxy.java:36)
com.glide.sys.security.HTTPAuthorization.isAuthorized(HTTPAuthorization.java:122)
com.glide.processors.HttpAuthProfileAuthorization.isAuthProfileAuthorized(HttpAuthProfileAuthorization.java:36)
com.glide.rest.processors.RESTAPIHttpAuthorization.isAuthorized(RESTAPIHttpAuthorization.java:22)
com.glide.processors.HTTPAuthProcessor.authenticateHttpRequest(HTTPAuthProcessor.java:298)
com.glide.processors.HTTPAuthProcessor.isAuthorized(HTTPAuthProcessor.java:125)
com.glide.rest.processors.RESTAPIProcessor.isAuthorized(RESTAPIProcessor.java:288)
com.glide.processors.AProcessor.isProcessorAuthorized(AProcessor.java:845)
com.glide.processors.AProcessor.shouldContinue(AProcessor.java:531)
com.glide.processors.Processor.shouldContinue(Processor.java:100)
com.glide.processors.AProcessor.processTransaction(AProcessor.java:176)
com.glide.processors.ProcessorRegistry.process0(ProcessorRegistry.java:187)
com.glide.processors.ProcessorRegistry.process(ProcessorRegistry.java:175)
com.glide.ui.GlideServletTransaction.process(GlideServletTransaction.java:58)
com.glide.sys.Transaction.run(Transaction.java:2645)
com.glide.ui.HTTPTransaction.run(HTTPTransaction.java:30)
java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
java.base/java.lang.Thread.run(Thread.java:829)

 

0 Helpfuls
  • 1,971 Views
10 REPLIES 10

Shantanu1
Tera Guru
In response to obrochard

‎07-07-2025 11:21 AM

Hey @obrochard 

 

just wanted to check if you were to find a fix for this please

0 Helpfuls