reactjs, jwt, keycloak

Keycloak: The token has invalid signature


I am using Keycloak as an auth provider for a React app. I have utilized a k8s Helm deployment for Keycloak (used this Bitnami package for Keycloak). On the React side, I am using @react-keycloak/web.

I am wrapping the entire app with ReactKeycloakProvider:

<ReactKeycloakProvider authClient={client}>
  <App />
</ReactKeycloakProvider>

To obtain the access token, I am utilizing the useKeycloak() hook from @react-keycloak/web:

const { keycloak } = useKeycloak();
const token = keycloak?.token;

The issue lies with the token signature (checked using jwt.io). When running Keycloak locally, the signature is valid. However, when using the deployed Keycloak, I am encountering an error: invalid signature. I am using the RS256 algorithm for decoding. I want to use the OAuth 2.0 auth code grant type.

I am using these settings in Keycloak. [Image: Keycloak settings]

I am seeking assistance in identifying the potential cause of this issue.

I tried decoding the access token using the HS256 algorithm. I expected the token signature to be valid when using the deployed Keycloak. However, the actual result was an error indicating an invalid signature. The local Keycloak token has a valid signature.


Solution

  • Got the answer.

    Decoding required the public key from the Keycloak side.

    To get the public key: Realm Settings -> Keys.
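
The check the answer describes, as an added example (not code from the original post or from Keycloak): an RS256 token verifies only against the public key of the realm that issued it, so a key from a different Keycloak instance reports an invalid signature. The function names, the throwaway key pairs and the issuer URL are constructed for illustration, and it assumes the value copied from the Keys tab is bare base64 without PEM header lines.

```javascript
const crypto = require('node:crypto');

const b64url = (buf) => Buffer.from(buf).toString('base64url');

// Assumption: the admin console shows the key as bare base64 (DER/SPKI),
// so wrap it in PEM armor before handing it to a verifier.
function realmKeyToPem(base64Key) {
  const body = base64Key.replace(/\s+/g, '').match(/.{1,64}/g).join('\n');
  return `-----BEGIN PUBLIC KEY-----\n${body}\n-----END PUBLIC KEY-----\n`;
}

// Verify an RS256 JWT against one realm public key. The algorithm is pinned:
// a token whose header says anything other than RS256 is rejected outright.
function verifyRs256(token, realmPublicKeyBase64) {
  const parts = token.split('.');
  if (parts.length !== 3) return { valid: false, reason: 'malformed token' };
  const [h, p, s] = parts;
  let header;
  try { header = JSON.parse(Buffer.from(h, 'base64url').toString('utf8')); }
  catch { return { valid: false, reason: 'malformed header' }; }
  if (header.alg !== 'RS256') return { valid: false, reason: `unexpected alg ${header.alg}` };
  const ok = crypto.verify('RSA-SHA256', Buffer.from(`${h}.${p}`),
    realmKeyToPem(realmPublicKeyBase64), Buffer.from(s, 'base64url'));
  if (!ok) return { valid: false, reason: 'invalid signature' };
  return { valid: true, claims: JSON.parse(Buffer.from(p, 'base64url').toString('utf8')) };
}

// Constructed sample data: two throwaway key pairs stand in for the local and
// the deployed realm; the issuer URL is a placeholder.
function makeRealm() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  return { privateKey, publicKeyBase64: publicKey.export({ type: 'spki', format: 'der' }).toString('base64') };
}
function signSample(realm, header, claims) {
  const input = `${b64url(JSON.stringify(header))}.${b64url(JSON.stringify(claims))}`;
  return `${input}.${b64url(crypto.sign('RSA-SHA256', Buffer.from(input), realm.privateKey))}`;
}

const deployed = makeRealm();
const local = makeRealm();
const token = signSample(deployed, { alg: 'RS256', typ: 'JWT' },
  { iss: 'https://keycloak.example/realms/demo', sub: 'user-1' });

console.log(verifyRs256(token, deployed.publicKeyBase64)); // key from the issuing realm
console.log(verifyRs256(token, local.publicKeyBase64));    // key from a different realm
```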