Any help getting started setting up JWT


My organization doesn’t have OAUTH2, and JWT secret tokens and whatnot are left blank on config files.

This is fine and dandy when reaching most of the pages but is currently giving me an error that logs me out for the first 10 minutes and then works until the situation happens again.

Basically an event triggers a URL request, that URL gives me an authentication error and logs me out for the first 10 minutes.

This event gets triggered every time a user enrolls on a course or earns a certificate, we use free self requested honor certificates, it happens frequently enough to become a major issue.

I can advance on a course, I can go to my account and change it, I can log out, I can log in, I can enroll in another course. I am just logged out every time I access my profile because it makes a request that requires a JWT token and this gives me an invalid credentials error.

We could theoretically disable this events that make the JWT call but our current goal is to get things to work properly, our client is extremely interested on getting this feature to work.

It would also be awesome if someone could explain what changes after the 10 minute mark that make the oauth2/jwt error irelevant so that we can try to force this event on our own.

Working on it following an automatically translated version of the following web as it is accessing the same URL that is currently troubleing me:

I can do

curl -X POST -d “client_id=id&client_secret=secret&grant_type=client_credentials” http://myedxinstance/oauth2/access_token

And I get a reply with the format
{“access_token”: “token”, “token_type”: “Bearer”, “expires_in”: 36000, “scope”:“scope”}

However when I do
curl -k -H "Authorization: Bearer token” http://myedxinstance/api/user/v1/accounts/randomuser

I get nothing.

When I repeat the request through postman using the bearer token I have obtained I get the same invalid credentials error.