DeviceCheck : Unable to verify authorization token

Question

Created Jan ’19

Replies 1

Boosts 0

Views 1.7k

Participants 1

I am getting a "Unable to verify authorization token" error when trying to query bits. The JWT looks ok when I decode it using https://jwt.io/

Not sure what I am missing. Here is my curl request

curl -i --verbose -H "Authorization: Bearer eyJhbGciOiJFUzI1Ni........" -X POST -d '{"device_token" : "AgAAAOXfgz0CIMIGW0Qyx5y0g2gEUNk0+me89vLfv5ZingpyOOkgXXXyjPzYTzWmWSu+BYqcD47byirLZ++3dJccpF99hWppT7G5xAuU+y56WpSYsATeR4KSP046eppm0TUW0rZq1sXOZGlzjlVFhRIB50hnvozamFvnd4z7cxRAPHxRQgD8/1Ak9oIcdSw2V6nPWV1p/gcAAJ2KEnxJqEGYmMD7Li44lvuu/vMILCRDQqxzivuu0gc2cBQbgrtBOSnxNHNuSQGPVkOgPv803qLIXHRj458HZXrWlxPm7hXLP5uVYHVrMnLFEqt5Vt8LCoYbLexhedD2s5Ac5wlvIOAop5e3CVCD9SigBYIPVPvfwsGEIaI9LkxhD7zlrOGtKNR9Z0SBvMkmLkxUbtEzWoGZZlUoevbCr3GZ/MOIlEiUcRbYjq0xf4TMoJX+ArD1vzOGww1SA5ARJZ/KgSJEvP13REjvjA3ZRFO/aHXdg1FKMliHoAeylMAVh3ZcY88ppdjwdRuY1gESetGoAKV5TCyYhu/BoIsyT+zKO8VJvYe390oT7UKvU7zNW2Du8BU9WbRTDwmnkAM0B9PtwLv3+iMkKIKbLsPyXVN5SNpNu8Fh3ZCq9B3zDGi9h8Bicq7ybvqwA4H6dlnEwmF9lfW/OmxyjEDNzBOdxtWo79o3fj8xHWDr1LMKjUsfvyU30RAeDad32xdgCdNQ1E30KAlD68oEzVBBloBD0+hXMJq3vt2wo3uiX/NhX7izNyX1dld+MeQtutetTUdRqnyn1bHeGgbyXBC+yYkCBwd1rSfiQv2H3Ji8FlNx5N10RmAKub0gx+gtEYDn5MHp2bLVP89Y8+4nXxHz43z9NsneWaMEfQXWQVU5toIAxFNvzMMkQN+qhP2/kkdqdBrgfPWJC7ZZgzdw8mMJxjW+CuTR0KzexAnF2MUGIHQMnwXp4CgBLUzVopNBkod07+KFVtDWJzxVJzbNmL9lkCGRghntXDXDCOsmW0s0vU3I7L3sWcFgz4y2jQxxIoqsx2eklCCk1Kmb6FnyPvMilTEuKCeVXYSpfqYcUZGxspYi+qDsH5LPjh6awUVqURqM4O/7tJbylfiaNhEwBcsKuAmwovpX1vF2tXLlnUWycUegPzNwYWj5yjYJQqtsdAuTvF1XC8RtqC5HG/EW1hZl+wk8p0LhnZhzM3gHajnkIoSdNPPSgzF5klrNzVOIlGvMEK+Va53OZPLQDK3t6O6Q0gQXh......", "transaction_id" : "123e4567-e89b-42d3-a456-556640500", "timestamp" : 1548372170020}' https://api.development.devicecheck.apple.com/v1/query_two_bits

Boost

Answer 1

danugu OP

Jan ’19

Here is what caused the error in my case:

I was passing the timestamp in milliseconds instead of seconds for "iat" while building the JWT

0