Signature Invalid when signing with JWT.NET


I am currently struggling with creating signatures with any .net library to access Twitch api endpoints. The page always says the signature is invalid when I copy paste my generated jwt there. When I edit the secret the signature is obviously adjusted and when I use the adjusted jwt I can make the Twitch api call without a problem. When I use my generated jwt I always end up with a 401 authentication failed.
I tried pretty much all of the .net libraries now and all of them generate a wrong signature for HS256… I am not sure what I do wrong since I am new to JWT and couldn’t find anything that points me to the right direction. Here is my code to generate the jwt using the library (GitHub - jwt-dotnet/jwt: Jwt.Net, a JWT (JSON Web Token) implementation for .NET). Would highly appreciate if someone could help me with this.

            var payload = new Dictionary<string, object>
           { "exp", DateTimeOffset.Now.AddSeconds(360).ToUnixTimeSeconds()},
           { "user_id", "668312333"},
           { "role", "external"},
        var secret = Encoding.UTF8.GetString(Convert.FromBase64String("MY SECRET"));

        IJwtAlgorithm algorithm = new HMACSHA256Algorithm(); // symmetric
        IJsonSerializer serializer = new JsonNetSerializer();
        IBase64UrlEncoder urlEncoder = new JwtBase64UrlEncoder();
        IJwtEncoder encoder = new JwtEncoder(algorithm, serializer, urlEncoder);
        var token = encoder.Encode(payload, secret);

Hi @hypnotic,

Welcome to the Community!

Are you supposed to create your own tokens for the twitch endpoints? Typically you would request the tokens from Twitch’s Auth server.

That is what their docs say at least…

Hi @dan.woda

Thank you for your quick answer and your welcome, appreciate it!

Regarding the authentication for Twitch, they do actually need me to create my own JWT for API authentication. They have like two authentication methods for their API’s. One is for the regular API with requesting the OAuth token which I already implemented and the other one is for the extension API with JWT’s. I am currently creating an extension that calls an extension API method from my backend (Azure function). To be more specific I want to call this one here Reference | Twitch Developers
They even say my backend needs to create a JWT for authentication. I just can’t figure out why these .net libraries are not creating valid JWT’s.

Never mind, I actually figured it out, jesus I am dumb xD

Maybe this will help someone:

I should not have done UTF8 encoding, so this line here was wrong:
var secret = Encoding.UTF8.GetString(Convert.FromBase64String(“MY SECRET”))

it should have been this here:
var secret = Convert.FromBase64String(“MY SECRET”)

We all have those days :stuck_out_tongue_closed_eyes:

Thanks for posting an update! Glad you got it working!

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.