1
votes

I tried to set up an OAuth 2.0 client on API Credentials page in Docebo with JWT Bearer grant type and upload a Public Key that is used to verify the signature of incoming assertion (JWT Bearer token). Docebo shows an error that Public Key is invalid (see an image 1 below).

I tried the following certificate file formats with public keys. Docebo doesn't accept them:

  1. Base-64 encoded X.509 (.CER)
  2. DER encoded binary X.509 (.CER)

Instructions from Docebo - APIs Authentication do not specify the file format too.

In which format Docebo accepts a Public Key for JWT Bearer grant type?

Image of "Public Key is invalid error message" in Docebo

1

1 Answers

2
votes

Docebo accepts public keys in PEM format (Base-64 encoded public key of X.509 certificate):

-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDMYfnvWtC8Id5bPKae5yXSxQTt
+Zpul6AnnZWfIdasdfsadfasdfasdfasdfasdfLKJKGCsRqMFDkrbeUjRrx8iL91
4/srnyf6sh9c8Zk04xEOpK1ypvBz+Ks4uZObtjnnitf0NBGdjMKxveTq+VE7BWUI
yQjtQ8mbDOsiLLvh7wIDAQAB
-----END PUBLIC KEY-----

To get a public key of a base-64 encoded X.509 (.CER) use the following command:

openssl x509 -pubkey -in certificate.cer -noout 1>PublicKey.pem