Verification of ApplicationID in JWT

Piyush_Bedi · April 23, 2020, 3:23am

Does the AuthService bundled with the SDK validate the ApplicationID in the JWT against the ApplicationID supplied in the LedgerAPI Command?

stefanobaghino-da · April 23, 2020, 8:08am

You are absolutely right, this is a bug. Thanks to @Robert_Autenrieth for looking into this.

I’m opening a ticket to track this.

stefanobaghino-da · April 23, 2020, 8:12am

Thanks for raising this.

Topic		Replies	Views
JWT auth questions Questions daml , sdk	4	518	April 27, 2021
`Missing applicationId in access token` error Questions	2	294	July 17, 2021
ApplicationID in User Token Questions ledger-api , canton	3	211	June 27, 2023
Findings about user management and JWT Questions daml	5	254	March 16, 2022
Check Ledger Id of Sandbox Ledger Questions daml , ledger , ledger-api	2	243	May 20, 2022