Exchange Token Validation Error with a JWT from Exchange Microservice

Paul Stempel 0 Reputation points
2024-02-11T16:12:21.1033333+00:00

Hello! I am struggling with the validation of the Exchange Token. The documented process on how to validate the token worked for a long time but does not anymore. Please see "Validate token contents" here Office 365 Exchange MicroserviceOffice 365 Exchange Microservice for the documentation. I assume the validation failed due to the missing x5t in https://outlook.office365.com/autodiscover/metadata/json/1 The error is: IDX10501: Signature validation failed. Unable to match key: kid: 'System.String'. Exceptions caught: 'System.Text.StringBuilder'. token: 'System.IdentityModel.Tokens.Jwt.JwtSecurityToken' It is obious that something changed. The JWT says that the app is "Office 365 Exchange Microservice" now. I would be grateful if you could give me a hint how to validate the new JWT from the Exchange Microservice. Best regards
Paul

Microsoft Exchange Online
Exchange Server Development
Exchange Server Development
Exchange Server: A family of Microsoft client/server messaging and collaboration software.Development: The process of researching, productizing, and refining new or existing technologies.
525 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Miguel Gonçalves | AVANADE 886 Reputation points
    2024-06-11T22:38:12.94+00:00

    Hi Paul,

    If the JWT you’re trying to validate lacks the x5t parameter, it might be due to changes in the token generation process or the certificate used. The absence of x5t could lead to signature validation failures, as you’ve observed.

    The absence of x5t might indicate a change in the token generation process. Ensure that the certificate used for signing is correctly configured.

    You may need validate the new JWT from the Exchange Microservice - retrieving the public key, checking the thumbprint and verifying the signature.

    0 comments