Need help with "private-key-jwt"
Hey folks, I was evaluating Zitadel for my SAAS solution. I needed some help regarding the API application under my project.
I was following the steps in this link from the documentation:
https://zitadel.com/docs/guides/integrate/token-introspection/private-key-jwt
I created an API application under my project and selected "Private Key JWT" for authorisation. I generated the JWT based on the key, keyId and clientId that I found in a JSON file, which was downloaded when I created a key under that API application. I hit this URL
"https://********.zitadel.cloud/oauth/v2/introspect" from "https://hoppscotch.io/"
I am getting 500 every time, with this message body:
{
"error": "invalid_client",
"error_description": "client must be authenticated"
}
I am confused about how I can solve this problem. I intend to use the Zitadel API to get some data, like roles and some other info, to my web API backend.
I was following the steps in this link from the documentation:
https://zitadel.com/docs/guides/integrate/token-introspection/private-key-jwt
I created an API application under my project and selected "Private Key JWT" for authorisation. I generated the JWT based on the key, keyId and clientId that I found in a JSON file, which was downloaded when I created a key under that API application. I hit this URL
"https://********.zitadel.cloud/oauth/v2/introspect" from "https://hoppscotch.io/"
I am getting 500 every time, with this message body:
{
"error": "invalid_client",
"error_description": "client must be authenticated"
}
I am confused about how I can solve this problem. I intend to use the Zitadel API to get some data, like roles and some other info, to my web API backend.
This is a guide on how to secure your API using JSON Web Token (JWT) profile (recommended).
Helps you create requests faster, saving precious time on development.
