OIDC and 401 error request for userinfo
We have encountered a problem when building an angular application and using angular-oauth2-oidc modules. Using responseType: 'code' and it seems to work until a request is made to the userinfo endpoint. Then a 401 is responded. NAM says Valid OAuth bearer token required. Token signature verification failed. I can se that there is a Authorization header and a Bearer token in the request.
Access Token Encryption: Do not encrypt.
ID Token Encrypted Response Algorithm: None
Client Type: Native/Desktop
No secret is used
and it is a pwa.
Any ideas what I have done wrong ?
Was the authorization code exchanged for Token? And the received access token is used at userinfo endpoint as Authorization Header Bearer token?
Any additional details did you observe in the IDP log?
After I did a code review I found that our developer had used an old constant string as a bearer token.
embarrassing , but it works now .
thank you !