Attestation service fails to validate JWT in live tests

About once every day or two we get an error for Key Vault live tests:

Target environment attestation statement cannot be verified.
Status: 403 (Forbidden)
ErrorCode: Forbidden

Content:
{"error":{"code":"Forbidden","message":"Target environment attestation statement cannot be verified.","innererror":{"code":"AccessDenied"}}}

The service team is adding more logging to diagnose the issue but is not seeing this outside our tests. For now, PR #27921 will ignore it but we’ll want to remove the [AttestationMayFail] attribute eventually.

/cc @maorleger

Issue Analytics

  • State: closed
  • Created a year ago
  • Comments: 5 (5 by maintainers)

Top GitHub Comments

2 reactions
herveyw-msft commented, May 2, 2022

We literally just found a possible cause for this, a hotfix is in progress.

0 reactions
heaths commented, Dec 7, 2022

I haven’t seen it in a while, so closing.
