Hi,
I am hitting the INT environment : https://int.api.service.nhs.uk/oauth2/token.
I am getting 401 Error Code.
Application ID : 21420a71-b589-4a24-8149-13a9880e99ce
NHS Digital Onboarding Service - Rhapsody_MSE_TIE_INT
I verified the JWT created with JWT.io and with both public key and Private Key for testing both encoding and decoding and it works fine perfectly.
Hi.
I’ve moved your question on the the API Platform category, as they will be better placed to handle any auth journey issues.
Thanks
Kiran, Can you please share the complete request so far I cannot see any event created in Splunk for this App ID for past 1 Month.
Hi @vikas,
I am using the below curl command : and I using Rhapsody Integration Engine to hit the Auth URL :
curl -X POST ^
-H “Content-Type:application/x-www-form-urlencoded” ^
–data “grant_type=client_credentials&client_assertion_type=urn:ietf:params:oauth:client-assertion-type:jwt-bearer&client_assertion=eyJ4NXQiOiItVURnZ2RnWWY3NFc2UTZJWW51c25Oem9EdVUiLCJraWQiOiJwZHMtZmhpci1hcGktaW50LXRlc3QtMSIsInR5cCI6IkpXVCIsImFsZyI6IlJTNTEyIn0.eyJhdWQiOiJodHRwczovL2ludC5hcGkuc2VydmljZS5uaHMudWsvb2F1dGgyL3Rva2VuIiwic3ViIjoiMjE0MjBhNzEtYjU4OS00YTI0LTgxNDktMTNhOTg4MGU5OWNlIiwiaXNzIjoiMjE0MjBhNzEtYjU4OS00YTI0LTgxNDktMTNhOTg4MGU5OWNlIiwiZXhwIjoxNzUxODgzMTg3LCJpYXQiOjE3NTE4ODI4ODcsImp0aSI6ImZjMWE2ZGJiLTdiMjQtNDQ3MC1iYjYwLWUwMmQ3NWZlMTFjMCJ9.JtFTUnPm5IEc38KvJI1rU9EZFN_BEia6Ve3rT6ED3uK1cnS-0wd5npFa3IjtES1xYxXd_C2s3ldXxUAvm7-E6qms9RFuRJmvg4CLKwFBIH2VOGF8U3knAZUPCfgIb_TtDOQ0Va9E9JnkNBzx4MNhB-Tq4yaWKMtfpx8Z2iCJHjyYdqgEucvaRS99hH-spy3C-86IbSFo85NEQ0vqNytps0U9KIXIZBx5ihJ-r3qgpmzzpGIaR_FicCgb700OdpYrEl_1IFfRMY5vcZdPVVi6UQaGG8EJNhv7fkIoPxiadx5A-j51FOCz13L9UUmLSJYNx94WXaN6y0c-2-m6SJUX63_AKV-xvF-U9dTIF-tMs4NR14VgwZSnZZ6dZk-RJYJGKREoNi5dm0W5QpEoujvpEk_B5HxXeHwkdCwOlvFfz6f9L7Ma8hfWl5nYrxR9KpI5B6KDecRBe5ZOWydC_-C80ia8wczN8a35Kgbj20WNVDgV_hlqdg5sKb8F7yvNnNd8Qol5E9hZTXbCfT2jpBmEOz2LmmyLkGRRyH_JAk1TDJ3e6X-pJXkfyXreX-x3PT3Y4iK2-TuRW7WW-13ju7QIJQzV1mUz2ul8WRbOKxt4LrxQEKTEh0wK9ewbmanqhcBr56F-HpJ7ZavkpIITvKzSZLzg4OuMsWTpPe8knW1nUiw” ^
https://int.api.service.nhs.uk/oauth2/token
{
"error": "invalid_request",
"error_description": "Invalid 'iss'/'sub' claims in client_assertion JWT",
"message_id": "rrt-2730306190529043736-a-geu2-190557-128721658-1"
}
I made sure that every time I hit the API, I generate a GUID before hitting the API.
And for iss/sub Claim Headers, I am using NHS Applciation ID which is genreated for Integration Test Environment :
Application ID 21420a71-b589-4a24-8149-13a9880e99ce
Can you please check and let me know If I am using it in the wrong way.
@Kiran_Kumar_Murari Can you please share your availibility to discuss this issue?
My Email Id is vikas.nautiyal1@nhs.net and I am free from 13:30 till 17:00 today , better to connect and understand the issue? Seems like you are using wrong url to test your API.
I sent the Invite. Kindly check.
As per the Update from Kiran the issue at their end and it is resolved now so closing off this ticket
I am having the same issue - is it possible to share how this was resolved? Is it a matter of using iss/sub identical to the API key at:
Log in to NHS Digital developer account…
Or is this something else?
Thanks!