Updating TPPs redirect-uris

[GvidasPranauskasKevin]

Hello,

I would like to have some assistance regarding the PATCH request to update TPPs redirect-uris.

Currently, we are sending this request:

    "method": "patch",
    "url": "https://openbanking.prod.lunar.app/tpp/redirect-uris",
    "body": {
        "redirectUris": [
            "https://api.kevin.eu/callbacks"
        ]
    },
    "options": {
        "headers": {
            "x-request-id": "072b41ff-1090-4630-a9ba-54c28930f425",
            "content-type": "application/json"
        }
    }
}

But the response we receive:

{
    "headers": {
        "date": "Tue, 05 Jul 2022 06:36:53 GMT",
        "content-type": "application/json",
        "content-length": "64",
        "connection": "close",
        "strict-transport-security": "max-age=15724800; includeSubDomains; preload"
    },
    "body": {
        "code": 401,
        "message": "unauthenticated for invalid credentials"
    }
}

We have followed this documentation on updating tpp-redirect uris. Could you please help us understand the issue?

[hoeg]

Hi, did you follow these steps described in the docs: https://developer.openbanking.dev.lunar.app/docs/default/api/registration/access_token/#tpps it seems that you are not providing a jwt to the call.

[GvidasPranauskasKevin]

Hey,
Apparently I have missed this part of documentation since there is no authorization header present in the API documentation. However, now, when I add this JWT token to the request, it looks like this:

{
    "method": "patch",
    "url": "https://sandbox.openbanking.prod.lunar.app/tpp/redirect-uris",
    "body": {
        "redirectUris": [
            "https://api.kevin.eu/callbacks"
        ]
    },
    "options": {
        "headers": {
            "x-request-id": "65bc8119-8cfe-412b-a22e-4ccf51f9992c",
            "content-type": "application/json",
            "authorization": "Bearer ****vK8w"
        }
    }
}

And the response I get:

{
    "headers": {
        "date": "Tue, 05 Jul 2022 09:30:21 GMT",
        "content-type": "application/json",
        "content-length": "83",
        "connection": "close",
        "strict-transport-security": "max-age=15724800; includeSubDomains; preload"
    },
    "body": {
        "code": 500,
        "message": "verify token: token contains an invalid number of segments"
    }
}

Apparently, the token we have received is not a correct JWT - it only contains 2 parts:

PszPU6LSQU<...>OHkg4.Ad70D4kw0S<...>wguo0

Please note a single . (dot) in the middle of JWT.

Any ideas?

[hoeg]

This requires further investigation, I will create a ticket internally and get back to you.

[GvidasPranauskasKevin]

Hello, are there any updates?

[GvidasPranauskasKevin]

Hello, are there any updates?

[GvidasPranauskasKevin]

Hello, are there any updates?

[GvidasPranauskasKevin]

Hello, are there any updates?

[GvidasPranauskasKevin]

@hoeg Hello, are there any updates?