FHm I am not aware of a problem, where did you test the token on zitadel cloud or self-hosted?
FCan you share how you configured stuff?
FHm, that is still weird, can you share the token without signature with me?
FI think I got an idea... what API do you try to call with this token?
FAnd that call gives you the error when you send you token along?
FIts kind of weird, I would have expected that from all other apis but not this one 
FHey I looked at this again... but we all do not see where it goes wrong.
I followed the docs and it worked on my end :sweat_smile_monkey:
I followed the docs and it worked on my end :sweat_smile_monkey:
FIt looks to me that when generating the JWT to access the system api it uses a wrong value.
Can you share me that? (can be a DM or an expired token)
Can you share me that? (can be a DM or an expired token)
2@FFO , facing the same issue ...... getting the same error when followed the docs.
sharing the token here:
eyJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJzeXN0ZW0tdXNlci0xIiwic3ViIjoic3lzdGVtLXVzZXItMSIsImF1ZCI6WyJodHRwOi8vbG9jYWxob3N0OjgwODAiXSwiaWF0IjoxNzI3MTg3NDc1LCJleHAiOjE3MjcxOTEwNzV9.sastkxMQlQBGXqipXFYm7rwHTAjSOx_rtkCvh-wlTr0jMmvbKjYzWrIr17sOiaZa3LHWfe3s3Kuq2yal8BdRn0RKgqNKkQK1HwLq7AUsm4ozXMHAD8g7L-hoVKXIztJXaoQcgF9dDPAy4ni8zuKh-eYNZeFNQw9LlzLTTRCbYkDrBHWodNDQiJEevXoOe9Oun1gTX3c_1GQ1QhxQ8gXRR10zH4RL2R9Sp1dpeo_J24z4JNoOn296H2hQWuGAgN6wHenUfJmrG5J22pLEICUgBz4aFjRGy90zex6OBmm3I1b8tsinFG3EbhmlQPqP2ZWGZo7_8o2mdGvx6RmB49e3qg
sharing the token here:
eyJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJzeXN0ZW0tdXNlci0xIiwic3ViIjoic3lzdGVtLXVzZXItMSIsImF1ZCI6WyJodHRwOi8vbG9jYWxob3N0OjgwODAiXSwiaWF0IjoxNzI3MTg3NDc1LCJleHAiOjE3MjcxOTEwNzV9.sastkxMQlQBGXqipXFYm7rwHTAjSOx_rtkCvh-wlTr0jMmvbKjYzWrIr17sOiaZa3LHWfe3s3Kuq2yal8BdRn0RKgqNKkQK1HwLq7AUsm4ozXMHAD8g7L-hoVKXIztJXaoQcgF9dDPAy4ni8zuKh-eYNZeFNQw9LlzLTTRCbYkDrBHWodNDQiJEevXoOe9Oun1gTX3c_1GQ1QhxQ8gXRR10zH4RL2R9Sp1dpeo_J24z4JNoOn296H2hQWuGAgN6wHenUfJmrG5J22pLEICUgBz4aFjRGy90zex6OBmm3I1b8tsinFG3EbhmlQPqP2ZWGZo7_8o2mdGvx6RmB49e3qg
FOk let me look into this again, I should have time tomorrow
2sharing more details on this:
- Create a docker container following steps here : https://zitadel.com/docs/self-hosting/manage/configure
Changed the example-zitadel-config.yaml :
- Followed the steps to generate RSA key pair : https://zitadel.com/docs/guides/integrate/zitadel-apis/access-zitadel-system-api#runtime-configuration
- Used the command to generate JWT:
zitadel-tools key2jwt --audience=http://localhost:8080 --key=system-user-1.pem --issuer=system-user-1
or
zitadel-tools key2jwt --audience=http://localhost --key=system-user-1.pem --issuer=system-user-1
or
zitadel-tools key2jwt --audience=localhost --key=system-user-1.pem --issuer=system-user-1
- Used the generated JWT with below endpoint:
This guide assumes you are familiar with running ZITADEL using the least amount of configuration possible.
This guide focuses on the ZITADEL System API. To access the other APIs (Admin, Auth, Management), please checkout this guide.
2and the logs say:
2@FFO , your help here would be really appreciated to help us unblock
2@FFO , worked 
changed the docker image from
image: "ghcr.io/zitadel/zitadel:stable"
to
image: "ghcr.io/zitadel/zitadel:v2.62.2"
changed the docker image from
image: "ghcr.io/zitadel/zitadel:stable"
to
image: "ghcr.io/zitadel/zitadel:v2.62.2"
2but I still see the logs:
although the API's work, any idea?
although the API's work, any idea?
Fuhm, that is weird
2Do you have any suggestions on the version to use ?
FI would use a fairly recent version, i think we run 2.60 in our cloud
Foh that slipped past me, yes
Fwhile I tested this in the past... it might be that I made an error because I used an old installed version of the jwt generation tool
FLet me raise this internally.
S@dsod if you only use the admin and management API you could also use a service account as described here https://zitadel.com/docs/self-hosting/deploy/compose#docker-compose-with-service-account
P@FFO same thing here also. running v3.3.2 now, what should I do?