I'm trying to run a HTTP get request in order to get messages from my facebook messenger channel that I have integrated with my smooch app. All I'm doing is a GET request to https://api.eu-1.smooch.io/v1/apps/app_id/appusers/user_id/messages with an authorization header, which is "Bearer app JWT". The result of this is the following, { "error": { "code": "invalid_auth", "description": "Invalid key id (kid)" } }
The key id and secret have been taken from the app settings page on the smooch website. The JWT was made up of the following,
i) "alg": "HS256", "typ": "JWT", "kid": "key id from app" ii) "scope": "app" iii) HMACSHA256( base64UrlEncode(header) + "." + base64UrlEncode(payload), app secret)
Any ideas on what I could check or from what you can see is there anything obviously wrong?
Invalid key id (kid)
means that your key doesn't exist or your app could not be found. I notice in your URL that you are hitting the EU region (https://api.eu-1.smooch.io
), is your application created in EU or US? I would suggest to try hitting the US endpoint https://api.smooch.io
and it will likely solve your problem