Hi Team,
We are upgrading daml version from 1.6.0 to 1.18.0.
And we unable to get the party details via v1/parties API, we getting below error -
errors: [“namespace missing in access token”]
status: 401
Can you help us on this issue.
Regards,
Priyanka
1 Like
nemanja
2
Hi @priyanka and welcome to the forum
Are you making the request via the HTTP JSON API?
Can you share your decoded JWT token? It sounds like it has an invalid format.
Hi,
Please find token detail below
Token
HEADER:ALGORITHM & TOKEN TYPE
{
“alg”: “RS256”,
“typ”: “JWT”,
“kid”: “blbuM_wwxxxxxmoRHgT52urXCnrRjo2upMfn9-W93DeU”
}
PAYLOAD:DATA
{
“exp”: 1788884832,
“iat”: 1688883951,
“auth_time”: 1639987633,
“jti”: “48wed2e6-84af-41ae-b5dd-976d29c3f999”,
“iss”: “https://xxx.xxx.xx”,
“aud”: “account”,
“sub”: “1f2971de-63e7-43fa-b791d-cb60ea920xxx”,
“typ”: “Bearer”,
“azp”: “xxx”,
“nonce”: “d5css71f-b0b8-4bfd-bhja-da67709027ec”,
“session_state”: “xxxefd-eb0f-4320-b79d-335xxx75”,
“acr”: “0”,
“allowed-origins”: [
“http://xxxx”,
“https://xxxxx”
],
“realm_access”: {
“roles”: [
“offline_access”
]
},
“resource_access”: {
“xxxxx-ui”: {
“roles”: [
“xxxxx-admin”
]
},
“account”: {
“roles”: [
“xxxxx-account”,
“xxxxx-account-links”,
“xxxxx-profile”
]
}
},
“scope”: “openid email profile”,
“ledgerId”: “xxxxxxxxxx”,
“actAs”: [
“Operator”
],
“email_verified”: true,
“name”: “xxxxxxxxx”,
“admin”: true,
“preferred_username”: “xxxxxxx”,
“given_name”: “xxxxx”,
“applicationId”: “xxxxxxxx”,
“family_name”: “xxxxxxx”,
“email”: “xxxxxxxxxxxx”,
“party”: “Operator”
}
This text will be hidden
please let me know if you need more information.
I am making request to v1/parties with below header
headers: {
"Content-Type": "application/json"
}
Hi @priyanka , unfortunately it looks like there has been a regression with regards to the legacy token format you’re using in the JSON API in SDK 1.17 and newer. I’ve opened [BUG] JSON API rejects tokens without oidc namespace · Issue #12215 · digital-asset/daml · GitHub to track this.
In the meantime, you have two options:
- Upgrade only to 1.16 which still supports that token format without errors.
- Switch to the new token format where the values are nested below the oidc namespace, e.g.,
replace
{
"ledgerId": "xxxxxxxxxx",
"actAs": [
"Operator"
],
"admin": true,
"applicationId": "xxxxxxxx"
}
by
{
"https://daml.com/ledger-api": {
"ledgerId": "xxxxxxxxxx",
"actAs": [
"Operator"
],
"admin": true,
"applicationId": "xxxxxxxx"
}
}
Note that the format you are using has been deprecated since SDK 1.0 so you should make the switch eventually either way.
okay, Thank you for your help.
Yes with 1.16.0 it accepts token.