Pablo, Are you looking for this flow diagram, https://apereo.github.io/cas/6.6.x/installation/Configure-ServiceTicket-JWT.html#flow-diagram ?
JWTs are validated on the service side, not in CAS. Ray On Fri, 2023-03-31 at 19:07 -0700, Pablo Vidaurri wrote: Notice: This message was sent from outside the University of Victoria email system. Please be cautious with links and sensitive information. For JWT as a service, what is the appropriate CAS Validation Filter to use on the client side? Or does this have to be custom Filter where I need to verify the signature, decode, and create the Assertion with principle? On Thursday, March 30, 2023 at 11:05:28 AM UTC-5 Pablo Vidaurri wrote: I'm following this to setup JWT as a service ticket: https://apereo.github.io/cas/6.5.x/installation/Configure-ServiceTicket-JWT.html I am using global keys and not defining them in service json file. I am able to login but get a failure when validating the ST. Looks like the ST being check is the encrypted/signed JWT: ERROR [org.apereo.cas.ticket.DefaultTicketCatalog] - <Ticket definition for [eyJhbGciOiJu...qOWxGRS1sb2NhbGhvc3QifQ.] cannot be found in the ticket catalog which only contains the following ticket types: [[TGT, ST, RT, AT, PT, TST, OC, SART, ODUC, PGT, SATQ, ODT]]> WARN [org.apereo.cas.DefaultCentralAuthenticationService] - <Service ticket [eyJhbGciOiJu...qOWxGRS1sb2NhbGhvc3QifQ.] does not exist.> 2023-03-30 10:15:43,875 INFO [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN ============================================================= WHO: audit:unknown WHAT: eyJhbGciOiJu...qOWxGRS1sb2NhbGhvc3QifQ. for http://localhost:9003/login/cas ACTION: SERVICE_TICKET_VALIDATE_FAILED APPLICATION: CAS WHEN: Thu Mar 30 10:15:43 CDT 2023 CLIENT IP ADDRESS: 127.0.0.1 SERVER IP ADDRESS: 127.0.0.1 ============================================================= Is there a config missing that is not in the doucment? -psv -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/103b97e64919f0e267df664a7b79b4221242198a.camel%40uvic.ca.