https://community.qlik.com/t5/Integration-Extension-APIs/JWT-suddenly-stopped-working-401-unauthorized/m-p/2469376#M20891 <P>The problem was the setting of the following two parameters in the token.</P> <UL> <LI>Not before (nbf): identifies the starting time on which the<SPAN>&nbsp;</SPAN><SPAN data-mc-conditions="Targets.NotToTranslate">JWT</SPAN><SPAN>&nbsp;</SPAN>is accepted.</LI> <LI>Issued at (iat): identifies the time at which the<SPAN>&nbsp;</SPAN><SPAN data-mc-conditions="Targets.NotToTranslate">JWT</SPAN><SPAN>&nbsp;</SPAN>was issued.</LI> </UL> <P>&nbsp;</P> <P>We are creating the JWT token in PHP as follows:</P> <LI-CODE lang="markup">$the_time = time() - 10; (start time is before 10 seconds) $exp_time = $the_time + 60 * 60; (expiration time is 60 minutes after the start)</LI-CODE> <P>and in the token:<BR /><BR /></P> <LI-CODE lang="markup"> { "jti": 1720591311, "iss": "issuer", "aud": "qlik.api/login/jwt-session", "sub": "6456c639a7ec9b1be923689c", "subType": "user", "iat": $the_time, "nbf": $the_time, "exp": $exp_time, "name": "John Doe", "email": "name@domain.com", "email_verified": true }</LI-CODE> <P>&nbsp;</P> <P>The problem was in the 10 seconds setting.</P> <P>Setting the issue time and not before time to 5 minutes ago did the trick.</P> <LI-CODE lang="markup">$the_time = time() - 300; (start time is before 300 seconds) </LI-CODE> <P>&nbsp;</P> <P>It seems that somehow the Qlik tenant time got desynchronized over time since the original setting with the 10 seconds interval worked like a charm for 3 months.</P> <P>I hope my notes are useful to others.</P> Wed, 10 Jul 2024 06:14:02 GMT pdimitrakis 2024-07-10T06:14:02Z https://community.qlik.com/t5/Integration-Extension-APIs/JWT-suddenly-stopped-working-401-unauthorized/m-p/2469058#M20884 <P>Hello,</P> <P>We have been using JWT authentication to access a mashup webpage since 03/2024.<BR /><BR />We needed some help then as seen in our question back then:<BR /><BR /><A href="https://community.qlik.com/t5/Integration-Extension-APIs/JWT-authentication-in-mashup/m-p/2435434" target="_blank" rel="noopener">https://community.qlik.com/t5/Integration-Extension-APIs/JWT-authentication-in-mashup/m-p/2435434</A></P> <P>&nbsp;</P> <P>Ten days ago, the JWT authentication suddenly stopped working and all requests from various browsers and pc is the same:</P> <P>&nbsp;</P> <P>&nbsp;</P> <LI-CODE lang="markup">{ "errors": [ { "title": "Unauthorized", "code": "AUTH-1", "status": "401" } ], "traceId": "51a5bfec3f6a857bed9dc7fb96cc23a6" }</LI-CODE> <P>&nbsp;</P> <P>&nbsp;</P> <P>We already tried recreating the key pair to test if that was the root of the problem, with no success.<BR /><BR />Any thoughts?<BR /><SPAN>Thanks in advance</SPAN></P> Tue, 09 Jul 2024 09:10:56 GMT https://community.qlik.com/t5/Integration-Extension-APIs/JWT-suddenly-stopped-working-401-unauthorized/m-p/2469058#M20884 pdimitrakis 2024-07-09T09:10:56Z https://community.qlik.com/t5/Integration-Extension-APIs/JWT-suddenly-stopped-working-401-unauthorized/m-p/2469376#M20891 <P>The problem was the setting of the following two parameters in the token.</P> <UL> <LI>Not before (nbf): identifies the starting time on which the<SPAN>&nbsp;</SPAN><SPAN data-mc-conditions="Targets.NotToTranslate">JWT</SPAN><SPAN>&nbsp;</SPAN>is accepted.</LI> <LI>Issued at (iat): identifies the time at which the<SPAN>&nbsp;</SPAN><SPAN data-mc-conditions="Targets.NotToTranslate">JWT</SPAN><SPAN>&nbsp;</SPAN>was issued.</LI> </UL> <P>&nbsp;</P> <P>We are creating the JWT token in PHP as follows:</P> <LI-CODE lang="markup">$the_time = time() - 10; (start time is before 10 seconds) $exp_time = $the_time + 60 * 60; (expiration time is 60 minutes after the start)</LI-CODE> <P>and in the token:<BR /><BR /></P> <LI-CODE lang="markup"> { "jti": 1720591311, "iss": "issuer", "aud": "qlik.api/login/jwt-session", "sub": "6456c639a7ec9b1be923689c", "subType": "user", "iat": $the_time, "nbf": $the_time, "exp": $exp_time, "name": "John Doe", "email": "name@domain.com", "email_verified": true }</LI-CODE> <P>&nbsp;</P> <P>The problem was in the 10 seconds setting.</P> <P>Setting the issue time and not before time to 5 minutes ago did the trick.</P> <LI-CODE lang="markup">$the_time = time() - 300; (start time is before 300 seconds) </LI-CODE> <P>&nbsp;</P> <P>It seems that somehow the Qlik tenant time got desynchronized over time since the original setting with the 10 seconds interval worked like a charm for 3 months.</P> <P>I hope my notes are useful to others.</P> Wed, 10 Jul 2024 06:14:02 GMT https://community.qlik.com/t5/Integration-Extension-APIs/JWT-suddenly-stopped-working-401-unauthorized/m-p/2469376#M20891 pdimitrakis 2024-07-10T06:14:02Z