Verified Answers

If an answer to your question is correct, click on "Verify Answer" under the "More" button.  The answer will now appear with a checkmark.  Please be sure to always mark answers that resolve your issue as verified.  Your fellow Community members will appreciate it!  Learn more.

  • State Verified Answer
  • Replies replies
    9
  • Answers answers
    2
  • Subscribers subscribers
    175
  • Views views
    1953
  • Users 0 members are here
  • Locked Locked
Related
Options
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

"jwt malformed" error while authentication in an OO flow

Ajith_Kumar

Hi All,

We have flow deployed for automating the access request in a tool called Secure One. The flow is able to fetch token in our QA environment but not in PROD. All the flows, OO version, application setup and everything is same.

Environment Type Step Name Duration Inputs Raw Results
PROD OPERATION Get token 0.031 seconds {url=s1.dieboldnixdorf.com/.../auth, authType=Basic, username=null, password=******, preemptiveAuth=true, proxyHost=null, proxyPort=8080, proxyUsername=null, proxyPassword=******, trustAllRoots=true, x509HostnameVerifier=allow_all, trustKeystore=null, trustPassword=******, keystore=null, keystorePassword=******, connectTimeout=0, socketTimeout=0, useCookies=true, keepAlive=true, connectionsMaxPerRoute=2, connectionsMaxTotal=20, headers=Content-Type: application/json, responseCharacterSet=null, destinationFile=null, followRedirects=true, queryParams=null, queryParamsAreURLEncoded=false, formParams=null, formParamsAreURLEncoded=false, sourceFile=null, body={"userId":"ABC","token":"XYZ" }, contentType=application/json; charset='UTF-8, requestCharacterSet=ISO-8859-1, chunkedRequestEntity=null, method=POST} {returnCode=0, responseHeaders=X-DNS-Prefetch-Control: off
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Request-Id: 3dbff020-569c-11ee-89f6-75a3e770a947
Content-Type: application/json; charset=utf-8
Content-Length: 27
ETag: W/"1b-CgdsrqtkLn0qBSLU/p4pPCfLVik"
Date: Tue, 19 Sep 2023 03:25:54 GMT
Connection: keep-alive, returnResult={"message":"jwt malformed"}, reasonPhrase=Unauthorized, finalLocation=s1.dieboldnixdorf.com/.../auth, protocolVersion=HTTP/1.1, statusCode=401, Result={"message":"jwt malformed"}}
Environment Type Step Name Duration Inputs Raw Results
QA OPERATION Get token 4.416 seconds {url=s1.dieboldnixdorf.com/.../auth, authType=Basic, username=null, password=******, preemptiveAuth=true, proxyHost=null, proxyPort=8080, proxyUsername=null, proxyPassword=******, trustAllRoots=true, x509HostnameVerifier=allow_all, trustKeystore=null, trustPassword=******, keystore=null, keystorePassword=******, connectTimeout=0, socketTimeout=0, useCookies=true, keepAlive=true, connectionsMaxPerRoute=2, connectionsMaxTotal=20, headers=Content-Type: application/json, responseCharacterSet=null, destinationFile=null, followRedirects=true, queryParams=null, queryParamsAreURLEncoded=false, formParams=null, formParamsAreURLEncoded=false, sourceFile=null, body={"userId":"ABC","token":"XYZ" }, contentType=application/json; charset='UTF-8, requestCharacterSet=ISO-8859-1, chunkedRequestEntity=null, method=POST} {returnCode=0, responseHeaders=X-DNS-Prefetch-Control: off
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Request-Id: a02e4d60-569c-11ee-89f6-75a3e770a947
Content-Type: application/json; charset=utf-8
Content-Length: 821
ETag: W/"335-MTxru0nWOyiBmGGaeaCXD7bNeCo"
Date: Tue, 19 Sep 2023 03:28:40 GMT
Connection: keep-alive, returnResult={"message":"Access granted.","token":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJkaXN0aW5ndWlzaGVkTmFtZSI6IkNOPXN2Yy1naW8tYm1jYWRkbSxPVT1TeXN0ZW0gQWNjb3VudHMsREM9YWQsREM9ZGllYm9sZCxEQz1jb20iLCJkb21haW5fbmV0YmlvcyI6IkRJRUJPTERfTUFTVEVSIiwib2JqZWN0U2lkIjoiUy0xLTUtMjEtMTg1NzQxMDYtMTM1MjQ3ODc5Ni04MjQ2NTE5NzEtMzg0NDI0Iiwic0FNQWNjb3VudE5hbWUiOiJzdmMtZ2lvLWJtY2FkZG0iLCJhY2Nlc3MiOnsicm9sZSI6ImFkbWluIiwiZGF0ZV9hZGRlZCI6IjIwMjAtMDgtMTlUMjE6MTM6NTguOTE3WiIsImdhX2VuYWJsZWQiOnRydWV9LCJpZCI6IjVmMGUxMTc0YzM1YTAyYzNlNDA5NjI2ZiIsImNyZWF0ZWRCeSI6ImE3NmJmMzIzLTc1YzctNDYwOS1hNWE3LTg5Y2YxODhjZjM5OSIsInNjb3BlcyI6W10sInR5cGUiOiJhY2Nlc3MiLCJpYXQiOjE2OTUwOTQxMjAsImV4cCI6MTY5NTEyMjkyMCwianRpIjoiN2MxZTk1YTMtZjJhOS00ZmY3LWE0NGYtYjI3ZmE3ZjhhYjRmIn0.SaIK0tfkjQW6ffgHl2FhhGTLP_PKnD0fDmAHbMh3bq8","expires":"2023-09-19T11:28:40.000Z","scopes":[]}, reasonPhrase=OK, finalLocation=s1.dieboldnixdorf.com/.../auth, protocolVersion=HTTP/1.1, statusCode=200, Result={"message":"Access granted.","token":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJkaXN0aW5ndWlzaGVkTmFtZSI6IkNOPXN2Yy1naW8tYm1jYWRkbSxPVT1TeXN0ZW0gQWNjb3VudHMsREM9YWQsREM9ZGllYm9sZCxEQz1jb20iLCJkb21haW5fbmV0YmlvcyI6IkRJRUJPTERfTUFTVEVSIiwib2JqZWN0U2lkIjoiUy0xLTUtMjEtMTg1NzQxMDYtMTM1MjQ3ODc5Ni04MjQ2NTE5NzEtMzg0NDI0Iiwic0FNQWNjb3VudE5hbWUiOiJzdmMtZ2lvLWJtY2FkZG0iLCJhY2Nlc3MiOnsicm9sZSI6ImFkbWluIiwiZGF0ZV9hZGRlZCI6IjIwMjAtMDgtMTlUMjE6MTM6NTguOTE3WiIsImdhX2VuYWJsZWQiOnRydWV9LCJpZCI6IjVmMGUxMTc0YzM1YTAyYzNlNDA5NjI2ZiIsImNyZWF0ZWRCeSI6ImE3NmJmMzIzLTc1YzctNDYwOS1hNWE3LTg5Y2YxODhjZjM5OSIsInNjb3BlcyI6W10sInR5cGUiOiJhY2Nlc3MiLCJpYXQiOjE2OTUwOTQxMjAsImV4cCI6MTY5NTEyMjkyMCwianRpIjoiN2MxZTk1YTMtZjJhOS00ZmY3LWE0NGYtYjI3ZmE3ZjhhYjRmIn0.SaIK0tfkjQW6ffgHl2FhhGTLP_PKnD0fDmAHbMh3bq8","expires":"2023-09-19T11:28:40.000Z","scopes":[]}}

What could be the issue? What should I do to make it working in PROD environment.

Parents
  • 0

    Hello Ajith_Kumar,

    You ask an interesting question.

    What version of OO are you using in both environments (QA and Prod) and are they are the same Patch/hotfix level?

    While I provided that as my first question, my initial thoughts are that this is not necessarily an OO issue.

    Quite often, Software running in a Prod environment has different security and/or other settings than that same software in QA.  That is also a possibility.

    Is there a way to manually perform the step of requesting an access token from the OO Central QA server and the OO Central Prod server?

    If you can run the command(s) manually on both environments with the same options and it works, then you can isolate things further from that point.  If running them manually from both environments works for QA but not for Prod, then look at your Secure One Software settings or possibly firewalls that are different between the two environments.

    I hope that this helps.

    Regards,

    Mark

Reply
  • 0

    Hello Ajith_Kumar,

    You ask an interesting question.

    What version of OO are you using in both environments (QA and Prod) and are they are the same Patch/hotfix level?

    While I provided that as my first question, my initial thoughts are that this is not necessarily an OO issue.

    Quite often, Software running in a Prod environment has different security and/or other settings than that same software in QA.  That is also a possibility.

    Is there a way to manually perform the step of requesting an access token from the OO Central QA server and the OO Central Prod server?

    If you can run the command(s) manually on both environments with the same options and it works, then you can isolate things further from that point.  If running them manually from both environments works for QA but not for Prod, then look at your Secure One Software settings or possibly firewalls that are different between the two environments.

    I hope that this helps.

    Regards,

    Mark

Children
  • 0 in reply to 

    Hi Mark,

    Firstly, thank you for taking your time and responding to this.

    We are using 2022.05 in both environment and no patches/hotfixes applied so far to both the environments.

    I installed the postman in both the RAS (PROD AND QA) and tried to fetch toke from SecureOne, I am getting token successfully.

    Note: We are trying to access the same SecureOne application from both OO environments. We don't have separate PROD and Test setup for SecureOne.

    Regards,

    Ajithkumar G.

Resources

Support
Documentation
Learning Services
Partner Programs
Privacy
Compliance
Help
Company
Privacy Policy
Terms of Use
Cookies Preferences
Accessibility
Anti-Slavery Statement
Support
Contact Us
Careers
Code of Business Conduct and Ethics
The opinions expressed above are the personal opinions of the authors, not of OpenText. By using this site, you accept the Terms of Use. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.), Hewlett Packard Enterprise Company, or Micro Focus. As of January 31, 2023, the Material is now offered by OpenText, a separately owned and operated company. Any reference to the HP, Hewlett Packard Enterprise/HPE, and Micro Focus marks is historical in nature and the HP, Hewlett Packard Enterprise/HPE, and Micro Focus marks are the property of their respective owners.