[Archive] JOSE_ALG_NOT_ALLOWED error on API verify

Archived Content from Web3Auth Community

This topic was originally posted by githubdiscussions on 1/9/2023.
This content has been migrated from our previous community forum to preserve valuable discussions.

---

Hi,

We are using our API to verify auth and then create users in our database on registration finished.
We follow your guidelines from documentation: link.

Occasionally an error occurs:
"error": {
"code": "ERR_JOSE_ALG_NOT_ALLOWED",
"name": "JOSEAlgNotAllowed"
}

Id token and app pub key are supplied every time and we can see that in our logs.

Do you have idea what can be problem that causing this random error ?

Originally posted by: zarnautovic

Check the discussion at: https://github.com/orgs/Web3Auth/discussions/1188

Hi @zarnautovic

I am assuming the idToken you're getting is from web3auth. In that case, the code described here would allow you to verify the token in your backend.

Please check out https://github.com/Web3Auth/examples/blob/main/web-core-sdk/server-side-verification/ssv-via-social-nextjs-core-example/pages/api/login.ts from our example repo to see how we have used it in a next.js application.

The version used in the example is "jose": "^4.11.1",. May I know which version are you using?

Originally posted by: shahbaz17