When configuring OpenID get oauth failed with [jwt] invalid alg

Solution Verified - Updated -


  • We are config 3scale API/Product authentication with OpenID, but when when testing the API, we got Authentication failed
  • Debug APICast logs following

    2099/01/01 03:29:09 [debug] 19#19: *xxxxxxx proxy.lua:280: rewrite(): oauth failed with [jwt] invalid alg, requestID=xxxxxxxxxxxxxxxxxxxxxxxx
    2099/01/01 03:29:09 [info] 19#19: *xxxxxxx errors.lua:17: rewrite(): authorization failed for service XXX, requestID=xxxxxxxxxxxxxxxxxxxxxxxx, client:, server: _, request: "GET /api/v1/path1/path2 HTTP/1.1", host: "api-apicast-staging.example.com:443"
    2099/01/01 03:29:09 [debug] 19#19: *xxxxxxx executor.lua:26: header_filter(): executor phase: header_filter, requestID=xxxxxxxxxxxxxxxxxxxxxxxx
  • What is the reason for above authentication failure?


  • Red Hat 3scale API Management
    • 2.10.0 On-premises

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content