Debugging JWT-Related Errors While Configuring the ASAP Add-On
While setting up an ASAP add-on for your web/mobile app, you might encounter an error related to JSON Web Token (JWT) configuration. It is essential to debug this error because user authentication in the ASAP add-on is possible only through JWTs.
JWT Configuration Error in Web Add-On
JWT Configuration Error in Mobile Add-Ons
Android
iOS
Steps for Debugging the Error
- On the ASAP setup page in your Zoho Desk portal, check whether the JWT authentication method is enabled.
- If you encounter the error in a web add-on, check if the add-on is hosted in the same domain provided in the setup page.
- Make sure that the correct JWT secret is used in the JWT code.
Here is a sample code that depicts the use of a JWT secret. - The JWT secret must be in the correct format, i.e., an alphanumeric string partitioned by two dots (.). No other characters must be present before or after it.
- Verify the correctness of the details in the JWT secret, on the JWT website.
Paste the JWT token in the Encoded panel and check the payload on the Decoded panel.
Then, define the duration of validity for the token. To mention the starting time, use the not_before, nbf (not before), or iat (issued at) parameters.
To mention the ending time, use the not_after or exp (expires at) parameters.
Keep in mind that if nbf and iat are used, the time must be expressed in seconds, whereas if not_before, not_after, or exp are used, it must be expressed in milliseconds.
It doesn't matter if you include all the duration-related parameters in the JWT. Just make sure to pair the parameters and their values correctly. - Also, make sure that the duration of validity does not exceed 10 minutes.
- The JWT end-point is called from the Zoho Identity and Access Management (IAM) server and not from the browser. Therefore, check the working of the JWT end-point by triggering authentication from the web/mobile add-on and not a browser. Add logger statements in the JWT code to ensure that the validation call reaches the end-point.
- Also, make sure that the JWT is generated properly, by adding logger statements.
Related Articles
JWT for Authenticating Users in the ASAP Add-Ons
Introduction Based on whether they choose to login to the ASAP add-on or not, end-users can be classified as guest users and authenticated users. Those who choose to not login are called guest users and those who choose to login are called ...Working with the ASAP SDK for iOS
SDK v2.0 Introduction The ASAP SDK for iOS makes help available within quick reach for the end-users of your iOS app. Using this SDK, you can create and customize an add-on that resides within your app and provides end-users with easy access to your: ...Working with the ASAP Add-On for the Web
Introduction The ASAP add-on for websites makes your help center available within quick reach for your end-customers. By integrating this add-on with your website, you can provide your customers with easy access to your: Customer support team (to ...Working with the ASAP SDK for React Native
The ASAP SDK for React Native makes help available within quick reach for the end-users of your mobile app. Using this SDK, you can add and customize an add-on that resides within your iOS/Android app and provides end-users with easy access to your: ...Setting up Remote Authentication
The authentication method described here will be deprecated soon. We recommend using the SAML single sign-on method for increased security. Remote authentication allows you to incorporate your user management system with Zoho Desk. It allows your end ...