FusionAuth
    • Home
    • Categories
    • Recent
    • Popular
    • Pricing
    • Contact us
    • Docs
    • Login

    Resolving MissingVerifierException When Configuring External JWT IdP in FusionAuth

    Scheduled Pinned Locked Moved
    Frequently Asked Questions (FAQ)
    1
    2
    2
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • W
      wesley
      last edited by

      I’m trying to set up an External JWT Identity Provider to accept tokens from Keycloak. I’ve filled out all the necessary fields in FusionAuth, but when I send a token request to /api/jwt/reconcile, I get this error:

      io.fusionauth.jwt.MissingVerifierException : Message: No Verifier has been provided for verifying a signature signed using [SHA256withRSA]
      

      How can I resolve this?

      W 1 Reply Last reply Reply Quote 0
      • W
        wesley @wesley
        last edited by

        This error usually means FusionAuth doesn’t have the public key it needs to verify the JWT signature.

        Make sure you’ve imported the public key that Keycloak uses to sign tokens into Settings → Key Master in FusionAuth. Check whether your JWT includes a kid (Key ID) claim. If it does, the key you import into Key Master must have a matching Key ID. You can confirm the Key ID after importing by clicking the view (🔍) icon next to the key.

        Once the correct key is imported and matches the kid from the JWT, FusionAuth will be able to verify the token’s signature.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post