Question
I am setting up WSO2 API Manager and securing an API with a self-contained access token (JWT). Here's a link I followed to protect your APIs with a self-contained access token (JWT) using WSO2 API Manager and WSO2 Identity Server.
I am getting a JWT token from the WSO2 Identity Server. But when I tried to get an access token using the JWT token from WSO2IS, I am getting the following error:
HTTP/1.1 400 Bad Request
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Thu, 29 Aug 2019 11:53:42 GMT
Content-Type: application/json
Content-Length: 146
Connection: close
Server: WSO2 Carbon Server

{"error_description":"None of the audience values matched the tokenEndpoint Alias https://172.28.1.101:9444/oauth2/token","error":"invalid_grant"}
Answer 1:
I assume that you are using the OAuth 2 Authorization Code grant type. You have taken a JWT, and using that you are trying to get the access token. In your service provider configuration, under Inbound Authentication Configuration, under OAuth/OpenID Connect Configuration, if you click edit there is a checkbox field named Enable Audience Restriction. Add https://172.28.1.101:9444/oauth2/token as an audience. Then try the flow. For more information, refer to:
https://docs.wso2.com/display/IS570/Configuring+Inbound+Authentication+for+a+Service+Provider
OAuth/OpenID Connect Configuration
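
A diagnostic for the error above, as an added example (not code from the original post or from WSO2): it decodes a JWT's payload without verifying the signature and reports whether any aud value equals the token endpoint alias named in the error message. The sample tokens, issuer and client id are constructed, and exact string comparison is an assumption about how the server matches audiences.

```python
import base64
import json

def b64url_decode(segment: str) -> bytes:
    # JWT segments are base64url without padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))

def jwt_claims(token: str) -> dict:
    """Decode the payload of a compact JWT WITHOUT verifying the signature (diagnostics only)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS: expected 3 dot-separated segments")
    claims = json.loads(b64url_decode(parts[1]))
    if not isinstance(claims, dict):
        raise ValueError("JWT payload is not a JSON object")
    return claims

def audiences(claims: dict) -> list:
    # RFC 7519: "aud" is either a single string or an array of strings.
    aud = claims.get("aud")
    if aud is None:
        return []
    return [aud] if isinstance(aud, str) else list(aud)

def check_audience(token: str, token_endpoint_alias: str) -> tuple:
    """Return (ok, audiences); ok is True if any aud value equals the alias exactly (assumed rule)."""
    auds = audiences(jwt_claims(token))
    return token_endpoint_alias in auds, auds

def make_sample_jwt(claims: dict) -> str:
    # Constructed token for the demo only; the signature segment is a dummy value.
    enc = lambda obj: base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": "RS256", "typ": "JWT"}), enc(claims), "c2ln"])

ALIAS = "https://172.28.1.101:9444/oauth2/token"  # from the error message on this page

if __name__ == "__main__":
    # Constructed claims: "before" lacks the alias in aud, "after" includes it.
    before = make_sample_jwt({"iss": "constructed-issuer", "sub": "admin",
                              "aud": ["constructed-client-id"]})
    after = make_sample_jwt({"iss": "constructed-issuer", "sub": "admin",
                             "aud": ["constructed-client-id", ALIAS]})
    for name, tok in (("before", before), ("after", after)):
        ok, auds = check_audience(tok, ALIAS)
        print(f"{name}: aud={auds} -> {'match' if ok else 'no audience matches ' + ALIAS}")
```

Run it against the JWT you actually send to the token endpoint to see which aud values it carries before and after changing the service provider configuration.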
Source: https://stackoverflow.com/questions/57709975/how-to-fix-none-of-the-audience-values-matched-the-tokenendpoint-alias-https