Hi @DarylLim, that’s interesting. It seems like your application gets a non 200 back from our JWKS endpoint (https://forge.cdn.prod.atlassian-dev.net/.well-known/jwks.json). Are you able to try request that endpoint directly using a client (node-fetch, axios … etc) and see if you get an error back.
Hmm, where is your remote server running and what version of Node.js are you on?
The error that you are seeing seems to come from here. If you are running your server locally, you could potentially tweak that file to log out the status code and body to see if we can find any more clues.
I’m trying to use a webtrigger as my remote endpoint and see if I can do forge remote features without using another server. Maybe that’s why I am getting the error. I am using node version 18.18.0 by the way.
Maybe I’m doing a wrong approach. The reason why I tried this is because we want to use the app permissions without using another server. Hence, tried using the webtriggers. However, when api.asApp is used on webtrigger, I am getting error 401 unauthorized. I’m having a hard time finding some docs/topics/samples regarding on how to create/verify authorization on webtriggers since when calling it through fetch, it has no authorization on the headers. That’s why I switched on making it a remote endpoint. Do you have any suggestions on this?
I’ve also tried invoking resolver but it has some limitations that becomes a blocker.
Ahh I see, if you are trying to hit the JWKS endpoint directly from a Forge Webtrigger, then you need to add the JWKS URL in the egress permissions. I am kind of surprised that the code snippet you attached works in the web-trigger.
I’ve also tried invoking resolver but it has some limitations that becomes a blocker.
Can you please explain these limitations? If possible, it would be ideal to go through a resolver rather than using a remote.
Hi @BoZhang, tried to add it on the egress permissions and it worked. Although I have a different error now (I’ll research and investigate the cause of this one):
Can you please explain these limitations? If possible, it would be ideal to go through a resolver rather than using a remote.
About this one, I’m trying to send some files but when I tried it on adding to the payload of invoke, it doesn’t seem to push through on larger files. (I’m not sure but I think it is related to graphQL. this was our blocker before that’s why we changed approach)
For that error, please make sure that the appId that you verify against the audience claim is in format ari:cloud:ecosystem::app/{id-in-your-manifest}.
I’m trying to send some files but when I tried it on adding to the payload of invoke, it doesn’t seem to push through on larger files. (I’m not sure but I think it is related to graphQL. this was our blocker before that’s why we changed approach)
Can you please elaborate a bit more on what you are trying to achieve with the handling of these files and the error that you are seeing? In addition, using Forge remote and Webtriggers doesn’t evade GraphQL, these are used under the hood for both capabilities, they are just abstracted away.
