"Signature validation failed" issue on first log in of the day (.NET)
I am using Zitadel as basic Oidc provider in a .net Core 8 app.
Sometimes - usually on first login of the day, I get the error below. Subsequent logins will work fine after that:
-----------
SecurityTokenSignatureKeyNotFoundException: IDX10503: Signature validation failed. The token's kid is: '331015965120704997', but did not match any keys in TokenValidationParameters or Configuration. Keys tried: 'Microsoft.IdentityModel.Tokens.RsaSecurityKey, KeyId: '330867128917864933', InternalId: 'eEY5cloHV5xw41nhCphXeR0cak5ePU8YYMXQzfSHtUc'. , KeyId: 330867128917864933
'. Number of keys in TokenValidationParameters: '0'.
Number of keys in Configuration: '1'.
Exceptions caught:
'[PII of type 'System.String' is hidden. For more details, see https://aka.ms/IdentityModel/PII.]'.
token: '[PII of type 'Microsoft.IdentityModel.JsonWebTokens.JsonWebToken' is hidden. For more details, see https://aka.ms/IdentityModel/PII.]'. See https://aka.ms/IDX10503 for details.
-----------
Checking <my-instance>/oauth/v2/keys I see two keys:
- 330867128917864933
- 331015965120704997
Seems to be an issue with syncing keys. I've tried playing around with options.ConfigurationManager.RefreshInterval but with no luck. Anyone have an Idea whats wrong here?
Sometimes - usually on first login of the day, I get the error below. Subsequent logins will work fine after that:
-----------
SecurityTokenSignatureKeyNotFoundException: IDX10503: Signature validation failed. The token's kid is: '331015965120704997', but did not match any keys in TokenValidationParameters or Configuration. Keys tried: 'Microsoft.IdentityModel.Tokens.RsaSecurityKey, KeyId: '330867128917864933', InternalId: 'eEY5cloHV5xw41nhCphXeR0cak5ePU8YYMXQzfSHtUc'. , KeyId: 330867128917864933
'. Number of keys in TokenValidationParameters: '0'.
Number of keys in Configuration: '1'.
Exceptions caught:
'[PII of type 'System.String' is hidden. For more details, see https://aka.ms/IdentityModel/PII.]'.
token: '[PII of type 'Microsoft.IdentityModel.JsonWebTokens.JsonWebToken' is hidden. For more details, see https://aka.ms/IdentityModel/PII.]'. See https://aka.ms/IDX10503 for details.
-----------
Checking <my-instance>/oauth/v2/keys I see two keys:
- 330867128917864933
- 331015965120704997
Seems to be an issue with syncing keys. I've tried playing around with options.ConfigurationManager.RefreshInterval but with no luck. Anyone have an Idea whats wrong here?
