# general
m
Hey @some-church-36962 how are you sending the request? Via the SDK?
s
via curl / IntelliJ HTTP
m
I see, that should be the simplest way probably… Can you share some steps for me to reproduce maybe? I am not sure what the issue is tbh, would have to look a bit more into it
s
First: Thanks for answering so quickly! What I did is:
1.) Create a machine2machine OAuth2 client with grant type JWT Bearer
2.) Via Ory SDK create a trust relationship (TrustOAuth2JwtGrantIssuer) with the JWK keys of our OIDC provider from here: https://oidc.eks.eu-central-1.amazonaws.com/id/DF7267627A9767B1C28CD8B6A1921B08/keys - Ory API responds 200, all good
3.) Using a Service Account Token from k8s, signed with one of the OIDC public keys, to POST against the Ory API
```
# Initial attempt: no client_id parameter in the form body
curl -X POST --location "https://vigorous-haslett-xrejub05do.projects.oryapis.com/oauth2/token" \
    -H "Content-Type: application/x-www-form-urlencoded" \
    -d "grant_type=urn:ietf:params:oauth:grant-type:jwt-bearer&assertion=k8s_jwt_token"
```
(URI encoding the grant type doesn't change anything regarding the error message)
Okay, I got it to work. If I set the client_id parameter explicitly, the API returns an access token. But that's not aligned with the documentation 😅
m
Hey @some-church-36962 thanks for sharing the fix! We should change the docs to make that clear.
Can you share the working curl maybe as well 🙂
s
Sure!
```
# Working request: client_id is set explicitly alongside the JWT assertion
curl -X POST --location "https://vigorous-haslett-xrejub05do.projects.oryapis.com/oauth2/token" \
    -H "Content-Type: application/x-www-form-urlencoded" \
    -d "client_id=ca32524e4-cf35-4f40-add1-ce2d33768947&grant_type=urn:ietf:params:oauth:grant-type:jwt-bearer&assertion=k8s_jwt"
```