bug: no applicable key found in the JSON Web Key Set about logto HOT 8 CLOSED

Console backend login no longer reports an error, but the return value from Machine-to-Machine application requesting Machine-to-Machine is：

{
    "message": "未经授权。请检查凭据及其范围。",
    "code": "auth.unauthorized",
    "data": {
        "code": "ERR_JWKS_NO_MATCHING_KEY",
        "name": "JWKSNoMatchingKey",
        "message": "no applicable key found in the JSON Web Key Set"
    }
}

from logto.

Hi @cong5 , could you please elaborate on your setup and how you make M2M requests?

from logto.

Hi @cong5 , could you please elaborate on your setup and how you make M2M requests?

first request https://xxx.shop/oidc/token get access_token:

second request any Logto Management API response this error.

from logto.

Are you using a self-hosted OSS version? or you are using Logto Cloud.

from logto.

Are you using a self-hosted OSS version? or you are using Logto Cloud.
using a self-hosted version

from logto.

Did you or someone with access to your Logto localhost change the oidc.privateKeys after the instance started but before you requested the Logto management API?

from logto.

I can not reproduce your issue on my machine. I started a brand new OSS Logto instance with a new DB, created a m2m app, can hence successfully get the access token and access the management API. It could be helpful if you can provide a step by step guide to reproduce this issue.

from logto.

You can also check whether you have assigned the scope all to the M2M app via an m2m role.

from logto.