Invalid token format

Question

I am trying to create a session using OpenTok API in my Web App. And I'm getting the following Error.

Request :

https://api.opentok.com/session/create
Method: POST
Headers: Accept:application/json
Headers: X-OPENTOK-AUTH :{"iss":"<My api key>","ist":"project","iat":"1528482600000","exp":"1528569000000","jti":"jwt_nonce"}

Error :

Response
{
"code": -1,
"message": "Invalid token format",
"description": "Invalid token format"
}

If i set X-TB-PARTNER-AUTH : : in header (which is deprecated) it works well.

Note: TokBox specified in their document that use of this deprecated form of authentication will expire in July 2017.

Any help will be appreciated.

score 2 · Answer 1 · answered Jun 13 '18 at 08:38

Tokbox QA staff here.

I've successfully tried with the code here:

https://tokbox.com/developer/rest/#authentication

import jwt # See https://pypi.python.org/pypi/PyJWT
import time
import uuid
print jwt.encode({"iss": "my-OpenTok-account-API-key",
    "iat": int(time.time()),
    "exp": int(time.time()) + 180,
    "ist": "project",
    "jti": str(uuid.uuid4())},
    'my-OpenTok-API-secret',
    algorithm='HS256')

Note the slight modification (including str) in the jti field. When I run this script (with my API key and secret), I get the token, and I store it in environment variable TOKEN.

The call will be:

curl -v -X POST https://api.opentok.com/session/create  -H "x-opentok-auth: $TOKEN"

And, what the server responds is:

<?xml version="1.0" encoding="UTF-8" standalone="yes"?><sessions><Session><session_id>2_MX4xMDB-fjE1Mjg4Nzg4MTE4Mjd-SWhJN0JFd0plRlhPUXBLanhSN0xjVjBSfn4</session_id><project_id>100</project_id><partner_id>100</partner_id><create_dt>Wed Jun 13 01:33:31 PDT 2018</create_dt><session_segment_id>d14b6edc-07c7-4b90-a4a5-962d864a86f4</session_segment_id><ice_credential_expiration>86100</ice_credential_expiration><properties><p2p><preference value="disabled"/></p2p><h264Codec>none</h264Codec><vp9Codec>none</vp9Codec><vp8Codec>all</vp8Codec><priorityVideoCodec>vp8</priorityVideoCodec><clientCandidates>all</clientCandidates></properties></Session></sessions>

I hope this helps.

Invalid token format

1 Answers1