Problem verifying idToken in Backend

murphy · January 4, 2024, 12:25am

Hi, i have a problem with idToken generated via google auth. I try validate the JWT with jwks (authjs.web3auth.io/jwks) but the endpoint does not contain the same hash as the kid of my JWT. My JWT header is:
{
“alg”: “ES256”,
“typ”: “JWT”,
“kid”: “TYOgg_-5EOEblaY-VVRYqVaDAgptnfKV4535MZPC0w0”
}

The idToken was attempted to be validated minutes after having been done using web3auth with google oauth

Logging in using metamask, the generated idToken is verified correctly (kid G6-iP7C_4NdppFwiEuckNCU_etFIVBBxxt4UH9cB9G0)

Any ideas? Thank you so much

shahbaz · January 4, 2024, 4:02am

Hey @murphy

Please use https://api-auth.web3auth.io/jwks to verify the token generated using Social logins.

Checkout the docs:

murphy · January 5, 2024, 5:02am

Thank you @shahbaz! this solves it. Why not use the same endpoint?

shahbaz · January 5, 2024, 5:15am

Thank you for letting me know. I will make sure to share this feedback with the product team.

system · January 7, 2024, 5:15am

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.