sonikro/flutter-okta-sdk

Getting different JWT token for Android and iOS from Okta OIDC PKCE


We are using this library for Android and iOS but are getting different types of JWT token. When decoded, we found the following difference.
Because of this difference, the token generated by the iOS app is authenticated by the backend server, but the token generated by the Android app is rejected as an invalid token.

The token generated by iOS looks like the one below. It contains "iss" ending with oauth2/default and "aud" as api://default.

{
  "ver": 1,
  "jti": "AT.Mbk7V5Sp1hNRzpHA4JKBoF9dniS4AO_WBPSUgNqJ4Pk",
  "iss": "https://org-dev.oktapreview.com/oauth2/default",
  "aud": "api://default",
  "iat": 1650342083,
  "exp": 1650345683,
  "cid": "0oa2gwdzyqm1DJAE41d7",
  "uid": "00u2icm9xhoYA6wVx1d7",
  "scp": [
    "email",
    "openid",
    "profile"
  ],
  "auth_time": 1650342081,
  "sub": "abhishek.lastname@org.com"
}

But in the case of Android, "iss" is just "https://org-dev.oktapreview.com" and "aud" is also "https://org-dev.oktapreview.com".

{
  "ver": 1,
  "jti": "AT.VMgUDc-wJnEXTx4n5I-QyKTI0yMGTqBWw8HA9FE6EPY",
  "iss": "https://org-dev.oktapreview.com",
  "aud": "https://org-dev.oktapreview.com",
  "sub": "abhishek.lastname@org.com",
  "iat": 1649419357,
  "exp": 1649422957,
  "cid": "0oa2gwdzyqm1DJAE41d7",
  "uid": "00u2jz1wtzyVc1b0c1d7",
  "scp": [
    "openid",
    "profile",
    "email"
  ],
  "auth_time": 1649419354
}
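A diagnostic for the backend side that reports which claim causes a rejection, given as an added example that is not part of the original issue or of the library. It assumes the backend expects the `iss` and `aud` values of the iOS token above; the helper names are hypothetical and the sample tokens are constructed and unsigned. It only decodes the payload and does not verify the signature.

```python
import base64
import json

# Assumption: the backend accepts the issuer/audience seen in the iOS token.
EXPECTED_ISS = "https://org-dev.oktapreview.com/oauth2/default"
EXPECTED_AUD = "api://default"


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def make_sample(claims: dict) -> str:
    """Build a constructed JWT-shaped string with a placeholder signature."""
    header = _b64url(json.dumps({"alg": "RS256", "typ": "JWT"}).encode())
    return f"{header}.{_b64url(json.dumps(claims).encode())}.placeholder"


def decode_claims(token: str) -> dict:
    """Decode the payload segment WITHOUT verifying the signature."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected three dot-separated segments")
    padded = parts[1] + "=" * (-len(parts[1]) % 4)  # restore stripped padding
    return json.loads(base64.urlsafe_b64decode(padded))


def claim_mismatches(token: str) -> list:
    """Return one message per claim that differs from what the backend expects."""
    claims = decode_claims(token)
    problems = []
    if claims.get("iss") != EXPECTED_ISS:
        problems.append(f"iss {claims.get('iss')!r} != {EXPECTED_ISS!r}")
    aud = claims.get("aud")
    audiences = aud if isinstance(aud, list) else [aud]  # aud may be a list
    if EXPECTED_AUD not in audiences:
        problems.append(f"aud {aud!r} does not include {EXPECTED_AUD!r}")
    return problems


# Constructed samples carrying only the iss/aud values quoted in the issue.
IOS_TOKEN = make_sample({"iss": EXPECTED_ISS, "aud": "api://default"})
ANDROID_TOKEN = make_sample({"iss": "https://org-dev.oktapreview.com",
                             "aud": "https://org-dev.oktapreview.com"})

if __name__ == "__main__":
    for name, tok in (("iOS", IOS_TOKEN), ("Android", ANDROID_TOKEN)):
        print(name, claim_mismatches(tok) or "iss/aud match")
```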

Hi, did you manage to solve this issue or make any progress on it?

Thank you!