oAuth JWT Grant Type Troubleshooting stepsIssue This article focuses on the possible troubleshooting steps involved for oAuth 2.0 JWT bearer grant Type. Procedure Enable debugger property related to oAuth com.snc.platform.security.oauth.debug = trueglide.auth.debug.enabled = true Ensure all the required parameters for oAuth Provider is configured. Client IDClient SecretToken URLProfileScopeJWT Provider Validate if the keystore has a valid password in it. Ensure the same password is used within the NOW platform.Validate if the signing key within the keystore has a valid password in it. Ensure the same password is used within the NOW platform.Get oAuth Token from Outbound Rest Message.Logs are printed in the localhost logs if the debugger property is enabled. Check the log for any errors if the token is not generated.If there are no errors in the log verify if JWT is generated within the NOW Platform. Started to generate JWTAuthAdding payload claims to jwt with name = box_sub_type and value = enterpriseAuthAdding payload claims to jwt with name = aud and value = https://api.box.com/oauth2/tokenAuthAdding payload claims to jwt with name = sub and value = 120961449AuthAdding payload claims to jwt with name = iss and value = o9xqbay28g97deumamwz2s0tvtsfrusbAuthAdding claims to jwt. Header Claims = [], keyId = , issuedAt = Thu Nov 15 15:15:52 PST 2018, expiresAt = Thu Nov 15 15:16:52 PST 2018, issuer = o9xqbay28g97deumamwz2s0tvtsfrusb, notBefore = null, signingAlgorithms=RS256, jwtId=e5a988d8-23da-465f-b34c-bbecff42257cSuccessfully generated JWT Verify if the request is sent OAUTH - OAuthHTTPRequest : Sending http request, url:https://api.box.com/oauth2/tokenOAUTH - OAuthHTTPRequest : Sending http request, body:grant_type=urn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Ajwt-bearer&assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJhdWQiOiJodHRwczovL2FwaS5ib3guY29tL29hdXRoMi90b2tlbiIsInN1YiI6IjEyMDk2MTQ0OSIsImJveF9zdWJfdHlwZSI6ImVudGVycHJpc2UiLCJpc3MiOiJvOXhxYmF5MjhnOTdkZXVtYW13ejJzMHR2dHNmcnVzYiIsImV4cCI6MTU0MjMyMzgxMiwiaWF0IjoxNTQyMzIzNzUyLCJqdGkiOiJlNWE5ODhkOC0yM2RhLTQ2NWYtYjM0Yy1iYmVjZmY0MjI1N2MifQ.O1f7vpKPKgGJWfOn_hXIu18d5AVv8wjqaxvEGlVQaNBWTQ3H4AKJ1XcE1VFrpeCXpxb0uZ2wb_O4JctZeX-qP7aH9R9QovT9tMpxEQCpmDNX5XAs3iw_X5yfT_eYszMBcrS2ZpXbEj82lVLgGixV7tRWhq0tLgIoIUAPcnbAsu2L6ec5wsCyqAv4l4XwqicYjk8Pl94WbcfmFF3Cg2eWhELB2EFG5_V48NOsvTHWBTkwp-aLS-YIH17w5uPAKht7BjtW0CBsbrCxjgVoc_VGpLqHNyl0BXMHI9wBDSCffA2sWamGTDxqferagdYXt_8jfkahqslKhmCAbCUonfnBSw&client_secret=DRcW5sBRcuy4jDqryIoPB5BhCw7h1QzL&client_id=o9xqbay28g97deumamwz2s0tvtsfrusbSecurityUtils: Obfuscating Key : access_token and all its children! Use the jwt.io site to decode assertion. Verify if Header and Payload are generated with all the required claims.If the request is processed by the oAuth Provider verify if a response was returned. OAUTH - OAuthHTTPRequest : Received http response: {"access_token":"********","token_type":"bearer","expires_in":4245,"restricted_to":[]} Verify if the token is returned in the responseIf the token is not returned review error messages and take appropriate action. Possible errors could be related to signing key, claims, client id, or client secret.The token is sent as an Authorization header for outbound REST messages, ensure the token matches the request header. Enable Outbound HTTP Debugging to log HTTP request and response ReleaseMadridRelated LinksOutbound Web Services LoggingEncode/Decode JWT Token: https://www.jsonwebtoken.io/JWT Builder http://jwtbuilder.jamiekurtz.com/Encode/Decode JWT Token: https://jwt.io/