cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Community Tip - If community subscription notifications are filling up your inbox you can set up a daily digest and get all your notifications in a single email. X

Translate the entire conversation x

Invalid token exception JWTTokenGenerationResource JWT_ISSUER_INVALID Issuer of the token is invalid

vshanmugavelayu
11-Garnet
11-Garnet
‎Feb 13, 2025 03:05 AM
‎Feb 13, 2025 03:05 AM

Invalid token exception JWTTokenGenerationResource JWT_ISSUER_INVALID Issuer of the token is invalid

Facing issue to validate Connection on ThingWorx OData connection while using SSO with Microsoft Entra

 

2025-02-12 07:53:10,084 INFO [ajp-nio-127.0.0.1-8011-exec-5] wt.jwt.oauth2.token.AuditLogger.Log - Start verifying JWT access token.
2025-02-12 07:53:10,084 DEBUG [ajp-nio-127.0.0.1-8011-exec-5] wt.jwt.oauth2.token.AuditLogger.Log - getVerifier() --> start
2025-02-12 07:53:10,084 DEBUG [ajp-nio-127.0.0.1-8011-exec-5] wt.jwt.oauth2.token.AuditLogger.Log - Azure AD verifyMandatoryAttributes() --> start
2025-02-12 07:53:10,084 DEBUG [ajp-nio-127.0.0.1-8011-exec-5] wt.jwt.oauth2.token.AuditLogger.Log - OAuth2 verifyMandatoryAttributes() --> start
2025-02-12 07:53:10,084 ERROR [ajp-nio-127.0.0.1-8011-exec-5] wt.jwt.oauth2.token.AuditLogger.Log - Invalid token exception: (wt.jwt.servlet.JWTTokenGenerationResource/JWT_ISSUER_INVALID) wt.util.WTException: Issuer of the token is invalid.
at wt.jwt.framework.JWTTokenVerifierDelegate.verifyIssuer(JWTTokenVerifierDelegate.java:148)
at wt.jwt.framework.JWTTokenVerifierDelegate.verifyMandatoryAttributes(JWTTokenVerifierDelegate.java:334)
at wt.jwt.oauth2.token.OAuth2JWTTokenValidationDelegate.verifyMandatoryAttributes(OAuth2JWTTokenValidationDelegate.java:84)
at wt.jwt.oauth2.token.AzureADOAuth2JWTTokenValidationDelegate.verifyMandatoryAttributes(AzureADOAuth2JWTTokenValidationDelegate.java:74)
at wt.jwt.framework.JWTTokenServiceProvider.verifyToken(JWTTokenServiceProvider.java:190)
at wt.jwt.framework.JWTTokenServiceProvider.getClaims(JWTTokenServiceProvider.java:140)
at wt.jwt.oauth2.token.JWTLocalTokenService.loadAuthentication(JWTLocalTokenService.java:94)
at org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationManager.authenticate(OAuth2AuthenticationManager.java:87)
at com.ptc.eauth.identity.oauth2.rs.ResourceAwareOAuth2AuthenticationManager.authenticate(ResourceAwareOAuth2AuthenticationManager.java:44)
at org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationProcessingFilter.doFilter(OAuth2AuthenticationProcessingFilter.java:156)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:215)
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:178)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:354)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:267)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:197)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:97)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:543)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:135)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:367)
at org.apache.coyote.ajp.AjpProcessor.service(AjpProcessor.java:526)
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:882)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1657)
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191)
at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.base/java.lang.Thread.run(Thread.java:834)

0 Kudos
Notify Moderator
2 REPLIES 2
VladimirN
24-Ruby III
24-Ruby III
(To:vshanmugavelayu)
‎Feb 13, 2025 03:27 AM
‎Feb 13, 2025 03:27 AM

Take a look - "ThingWorx Navigate configured with SSO (direct connection to Entra ID) fails to retrieve data from Windchill": https://www.ptc.com/en/support/article/CS415824 

Notify Moderator
vnamboodheri
Moderator
Moderator
(To:VladimirN)
‎Feb 20, 2025 03:17 AM
‎Feb 20, 2025 03:17 AM

Hello @vshanmugavelayu

 

It looks like you have a response from a community champion. If it helped you solve your question please mark the reply as the Accepted Solution. 
Of course, if you have more to share on your issue, please let the Community know so other community members can continue to help you.

Thanks,
Vivek N.
Community Moderation Team.

0 Kudos
Notify Moderator
Announcements
Contact Community Management
Top Tags