Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Expected JWT to be signed with 'RS256' but it was signed with 'HS256' instead

Doug Bass
Doug Bass March 3, 2023

I've developed a Connect app and starting today I'm getting the following errors in our middle tier server log:

com.atlassian.connect.spring.internal.jwt.JwtInvalidSigningAlgorithmException: Expected JWT to be signed with 'RS256' but it was signed with 'HS256' instead
at com.atlassian.connect.spring.internal.jwt.RsaJwtReader.getKeyIdAndCheckSigningAlgorithm(RsaJwtReader.java:48)
at com.atlassian.connect.spring.internal.auth.asymmetric.AsymmetricAuthenticationProvider.authenticate(AsymmetricAuthenticationProvider.java:57)
at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:182)
at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:201)
Are their recent changes to Atlassian's platform or SDK that would cause this? I've been developed my app for the last 12 months and this is the first tike I've seen this.
Also I see the error message:
com.atlassian.connect.spring.internal.auth.jwt.UnknownJwtIssuerException: Could not find an installed host for the provided client key: csrt-fake-token-ignore
This is being received from a known user. I understand thisis a security test by Atlassian but it's coming from one of my customer's cloud instance, ie, not an atlassian cloud account.
Any help is appreciated.
Answer
Watch
Like Andrii Maliuta likes this
710 views

2 answers

0 votes
Andrii Maliuta
Andrii Maliuta
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
April 25, 2023

For Connect Spring Boot app it writes exceptions to logs each second:

```com.atlassian.connect.spring.internal.auth.jwt.UnknownJwtIssuerException: Could not find an installed host for the provided client key: csrt-fake-token-ignore```

This seams to be too often and causes a lot of errors and performance issues. 

@marc -Collabello--Phase Locked-  

>> The `csrt-fake-token-ignore` is usually caused by automatic testing by Atlassian.

Could you please specify where this information can be found?

Thank you

Reply
0 votes
marc -Collabello--Phase Locked-
marc -Collabello--Phase Locked-
Community Champion
March 5, 2023

Hi @Doug Bass ,

I'm not aware of any recent changes by Atlassian.  The `csrt-fake-token-ignore` is usually caused by automatic testing by Atlassian.

Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
STANDARD
PERMISSIONS LEVEL
Product Admin
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security