jwtgrant giving 400 as response

(Kamal Kannan) #1

Hi team, i am trying to integrate a sample bot into my web application. i have followed the steps as defined here https://github.com/Koredotcom/web-kore-sdk . When i run my application i do see the below error

and the response is like this
image and here is my sample jwt token generation code, please help me in resolving this issue

(Subrahmanyam Donepudi) #2

@kamalakannanvkp This error message is returned by the jwt grant API when the assertion (JWT) which is passed as the request payload doesn’t have the client ID in it. Could you please decode the generated JWT and see if it has the client ID in it?

(Kamal Kannan) #3

As you can see the claims [HashMap] contains the client Id in the request .
Also when i try to decode the jwt Token generated i could see the client Id in the paylod
i am trying to decode the below generated JWT TOKEN:


I am not sure why it still says as 400 . can you help in resolving the same ?

(Subrahmanyam Donepudi) #4


@kamalakannanvkp I have decoded the JWT and I see the client ID being passed using two keys as payload Data.

image.png1366x768 124 KB

I am connecting via the webSDK and I am hitting the JWT endpoint with below Form data:

Below is the JWT is received as response:

jwt: “eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpYXQiOjE1NDkyNzU1MTczNTUsImV4cCI6MTU0OTI3NTU3NzM1NSwiYXVkIjoiIiwiaXNzIjoiY3MtMTk4MzA2YmEtYjM0ZC01ZTRjLWFkZGMtOTg1ODY4NWE2NTNmIiwic3ViIjoic3ViYnUiLCJpc0Fub255bW91cyI6InRydWUifQ.052hDu1b8v7BUQDC_d0X9PqYbvCK6Qfny6DPPs0Du-g”

When I decode the URL, below is the information which I see is passed as Payload:

image.png1366x768 124 KB


(Kamal Kannan) #5

Thanks Subrahmanyam,

I ve changed as per the suggestion, below is the new error

and the token generated is

what could be the reason ?

(Subrahmanyam Donepudi) #6

@kamalakannanvkp The below error could possibly be because of the user identity. Could you please confirm if the identity being passed to JWT endpoint?

I suspect that you are trying to access a bot which has not been published yet with identity of someone who is not registered on the Kore.ai bots platform.

If we are trying to access a private bot (Bot which has not been published) , try to connect using email id of bot developer by passing the same as identity to the JWT .

If the bot is already published and its of purpose “Consumer”, the identity of user can be anything.

(Subrahmanyam Donepudi) #7

Also, have you selected the below highlighted option while creating the app on the builder tool?

image.png1366x768 126 KB

If not, could you please create a new app, update the channel, republish the bot, update the iOS SDK client for new client ID and secret and give it a try?

(Subrahmanyam Donepudi) #8

@kamalakannanvkp As agreed upon, the issue seems to be resolved with a change in the app and also the iOS SDK configuration. Do let us know if you come across any other issues.