I have a validate-jwt instruction in my APIM API policy (<inbound> section).
I am sending a hopefully correct token in a header and the request still fails.
What would be the way to find out from the APIM which specific JWT token validation check has failed?
2 Answers
I have figured out how to do the logging.
Note that type is different depending on what is wrong with the JWT token, but I am speculating that all relevant types might start with "Token..."
so you get something like
Also, from App Insights' Application map one can click through to failed requests and drill down to exceptions arriving at similar log outputs.
Have you checked that the JWT is in fact valid? To do this you can paste the whole token value to https://jwt.ms in order to decode the token to see if you are missing any information.
If the token is valid, I would suggest setting up Application Insights for APIM if you haven’t done that already and see if you can get any more relevant information from the logs there.