Forum Discussion

julienb's avatar
julienb
Icon for Nimbostratus rankNimbostratus
Mar 04, 2021

JWT - Redirect URI - Encoded

Hello everyone,

I'm new with F5 products.

For a client I have to implement an OpenID Connect system, at the end of the authentication the user is redirect to an app with the id_token :

https://ip_adresse_of_server/openid-connect?token=*************

Inside the access profile, I changed the endings with Redirect and put this URL :

https://ip_address_of_server/openid-connect/?token=%{session.oauth.client.last.id_token}

But when the application get the token it looks like the token is encoded, the id_token begin with $CK$$ and ends with == ; On the server-side (the app (not managed by me)) the error is :

{"errorCode":-1,"errorMessage":"Invalid Compact JWS"}

What is weird is that inside the logs of F5 I can see the id_token and use it with jwt.io to decode it, and verify the signature (with the cert).

Thank you in advance !

No RepliesBe the first to reply