
SAML Delegation

saml
api
delegation

#1

Once I log in, I get an id_token.
I am creating the POST request below to the delegation endpoint.
{
  "client_id" : "[CLIENT_ID]",
  "grant_type" : "urn:ietf:params:oauth:grant-type:jwt-bearer",
  "target" : "[CLIENT_ID]",
  "api_type" : "aws",
  "id_token" : "[id_token_obtained after login]"
}
But I am getting back a response as follows:
{"error":"invalid_token","error_description":"invalid algorithm","statusCode":401}

Log Error is as follows:
{
  "date": "2017-06-14T03:15:23.522Z",
  "type": "fd",
  "description": "invalid algorithm",
  "connection_id": "",
  "client_id": "UyzWPIqMmZ4cUsIPzVC8b4FScyZLZGfh",
  "client_name": "okin",
  "ip": "[IP address]",
  "user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36",
  "details": {
    "grant_type": "urn:ietf:params:oauth:grant-type:jwt-bearer",
    "target": "[CLIENT_ID]",
    "api_type": "aws"
  },
  "log_id": "49573801565560042589843000629440086346616206749985669154"
}


#2

Advanced Settings > OAuth > JsonWebTokenAlgorithm needs to be set to RS256.
Otherwise Amazon will return 401 / invalid token.
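
To confirm the cause before retrying the delegation call, the id_token's header can be decoded locally and its `alg` compared with the RS256 value named in the reply above. This is an added example, not part of the original thread and not Auth0's code; the function names and the sample tokens are constructed for illustration, and the header is read without signature verification, for diagnosis only.

```python
import base64
import json

REQUIRED_ALG = "RS256"  # value the reply above says JsonWebTokenAlgorithm must have


def b64url_decode(segment: str) -> bytes:
    """Decode a base64url JWT segment, restoring the stripped '=' padding."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def jwt_header(token: str) -> dict:
    """Return the JOSE header of a compact JWT WITHOUT verifying the signature.
    Diagnostic use only; never use it to decide whether to trust a token."""
    parts = token.strip().split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS: expected 3 dot-separated segments")
    try:
        header = json.loads(b64url_decode(parts[0]))
    except ValueError as exc:  # covers bad base64, bad UTF-8 and bad JSON
        raise ValueError(f"unreadable JWT header: {exc}") from exc
    if not isinstance(header, dict):
        raise ValueError("JWT header is not a JSON object")
    return header


def check_delegation_token(token: str) -> tuple:
    """Return (ok, message): does the id_token's alg match REQUIRED_ALG?"""
    alg = jwt_header(token).get("alg")
    if alg == REQUIRED_ALG:
        return True, "alg is RS256"
    return False, f"alg is {alg!r}; set JsonWebTokenAlgorithm to {REQUIRED_ALG} and log in again"


def make_sample_token(alg: str) -> str:
    """Constructed sample: real header/payload encoding, placeholder signature."""
    header = b64url_encode(json.dumps({"alg": alg, "typ": "JWT"}).encode())
    payload = b64url_encode(json.dumps({"sub": "constructed|user"}).encode())
    return f"{header}.{payload}.{b64url_encode(b'placeholder-signature')}"


if __name__ == "__main__":
    for alg in ("HS256", "RS256"):
        print(alg, check_delegation_token(make_sample_token(alg)))
```

A token issued before the setting was changed still carries the old `alg`, so a fresh login is needed before the check passes.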


#3