Error validating access token wordpress

Rated 3.96/5 based on 540 customer reviews

Your app might fail if you hardcode public keys in your applications.Be sure to include key rollover in your implementation.ID Tokens, on the other hand, are intended for authentication.They provide information about the resource owner, to allow you verify that they are who they say they are. Because of this, when a client makes an authentication request, the ID Token that is returned contains the The JSON Web Keys (JWK) need to be retrieved from your Okta Authorization Server, though your application should have them cached.

More information about Okta’s access tokens can be found here: https://com/standards/OAuth/index.html#access-token.As mentioned above, it is important that the resource server (your server-side application) accept only the access token from a client.This is because access tokens are intended for authorizing access to a resource.If your application cannot retrieve keys dynamically, the administrator can disable the automatic key rotation in the administration UI, generate a key credential and update the application to use it for signing.Alternatively, you can also validate an access or refresh Token using the Token Introspection endpoint: Introspection Request.

Leave a Reply