Code development platform for open source projects from the European Union institutions 🔵 EU Login authentication by SMS has been phased out. To see alternatives please check here

Skip to content

Inconsistency in configuration of JWT_SECRET for FHIR

When sending a FHIR Patient-Search from the Portal, the openncp-client throws:

c.u.f.r.s.i.ExceptionHandlingInterceptor.createOperationOutcome(219) - Failure during REST processing: com.auth0.jwt.exceptions.SignatureVerificationException: The Token's Signature resulted invalid when verified using the Algorithm: HmacSHA512

If I validate the JWT with jwt.io using the JWT_SECRET form the configuration (Database), it works.

The problem is, that the openncp-client takes the secret from the config file e.g. openncp-application\openncp-application-client\src\main\resources\application.yml whereas the Portal-Backend from the configuration (Database).