Skip to content

JWT Authentication Fails with "401 Invalid Signature" #7128

New issue
New issue
Open
Open
JWT Authentication Fails with "401 Invalid Signature"#7128
Labels
bugSomething isn't working
@yang-wang11

Description

@yang-wang11
yang-wang11
opened on Feb 14, 2025

Is there an existing issue for this?

  • I have searched the existing issues

Current Behavior

Our team is currently using KIC 2.9 with Kong 3.3(dbless mode), and we suspect that a large number of KongConsumers is causing authentication failures.

We have 6,912 KongConsumers, but even though both KongConsumers and corresponding Secrets are correctly configured, requests with valid JWTs are being rejected with a "401 Invalid Signature"

I suspect that KIC is unable to handle such a large number of KongConsumers and fails to sync(deck) them properly to Kong. To verify this, I queried the Admin API at $url/jwt, but the response only contained a limited number of JWT credentials, rather than the expected full set.

Expected Behavior

  • Requests with valid JWTs should be authenticated successfully.
  • Kong should be able to handle and sync all 6,912 KongConsumers correctly.

Activity

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Assignees

No one assigned

    Labels

    bugSomething isn't working

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions