hello, i’m running into an annoying issue with my ...
# ory-selfhosting
hello, i’m running into an annoying issue with my oathkeeper setup in production that doesn’t occur locally in development, i’m using the bearer_token authenticator to validate a legacy token that gets converted using the id_token mutator, locally this works fine and the subject is set correctly in the generated token, but for some reason in production the subject always comes through with an empty string
i have verified that if i pass in an invalid (e.g. expired) token, authentication fails, so it appears to be executing the authenticator correctly
and if i call the same check_session_url manually in postman i get
Copy code
  "sub": "291677"
back as my response, so i think that should let oathkeeper set the subject in the id_token
is there a good way to debug exactly what oathkeeper is doing when it runs that authenticator?
i had another issue previously that was caused by an AWS security group blocking traffic, but that seems to be resolved given that i now get success/failure from oathkeeper depending on the validity of the token, just the subject piece is strange
Hi there, I think you might have better luck on the #oathkeeper channel with this question 😅
👍 1