Forum Discussion

Alex_Lu's avatar
Alex_Lu
Copper Contributor
Jul 15, 2020

ID token issued by AAD doesn't match public signing key

Hi,   I've encountered an issue that ID tokens (JWT) issued by AAD do not match a public signing key.    This is my JWKS url: https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Flog...
Authentication
Azure Active Directory (AAD)
Identity Management
jinsongz's avatar
jinsongz
Copper Contributor
Sep 03, 2020

Alex_Lu I've run into exactly the same problem: the signing key (for the id token) does not match any of the keys pulled from the JWK uri (/discovery/v2.0/keys) while the signing key for the access token does match one. Were you able to solve it somehow? It seems not much we can do until Azure fixes it.

Alex_Lu's avatar
Alex_Lu
Copper Contributor
Sep 03, 2020

Hi jinsongz, I'm glad someone else has encountered the same issue. 

 

We had no choice but to switch to SAML as the rest of the companies are all SAML based clients. Our set up is to have AWS cognito as authorization server with AAD as IDP. I suggest you follow the same pattern if you have a similar set up.