Problem downloading credentials in the inji stack setup

TomasOGTIC · April 7, 2025, 2:11pm

I am running the inji stack setup that can be found in the inji-certify repository here: inji-certify/docker-compose/docker-compose-injistack at master · mosip/inji-certify.

After following all the steps, everything seems to be running normally, but every time I try to download a credential, I get this error after signing in with esignet:

This is the part where I am stuck.

The logs in inji certify says:

org.springframework.security.oauth2.jwt.JwtValidationException: An error occurred while attempting to decode the Jwt: The iat claim is not valid

No Bearer / Opaque token provided, continue with the request chain

io.mosip.certify.core.exception.NotAuthenticatedException: invalid_token

My did is hosted in tomas-alexander.github.io/credenciales/farmer/did.json. Here it is:

{
  "assertionMethod": [
    "did:web:tomas-alexander.github.io:credenciales:farmer#key-0"
  ],
  "service": [],
  "id": "did:web:tomas-alexander.github.io:credenciales:farmer",
  "verificationMethod": [
    {
      "publicKeyMultibase": "z6MkvHNVc7iCqZwJkbzTZEBVSPeUyWNAk4RBjEamDo9CBsYd",
      "controller": "did:web:tomas-alexander.github.io:credenciales:farmer",
      "id": "did:web:tomas-alexander.github.io:credenciales:farmer#key-0",
      "type": "Ed25519VerificationKey2020",
      "@context": "https://w3id.org/security/suites/ed25519-2020/v1"
    }
  ],
  "@context": [
    "https://www.w3.org/ns/did/v1"
  ],
  "alsoKnownAs": [],
  "authentication": [
    "did:web:tomas-alexander.github.io:credenciales:farmer#key-0"
  ]
}

These are the URI I use in certify-csvdp-farmer.properties:

mosip.certify.data-provider-plugin.issuer-uri=did:web:tomas-alexander.github.io:credenciales:farmer
mosip.certify.data-provider-plugin.issuer-public-key-uri=did:web:tomas-alexander.github.io:credenciales:farmer#key-0

Mimoto error log:

org.springframework.web.client.HttpClientErrorException$Unauthorized: 401 : "{"error":"invalid_token","error_description":"invalid_token"}"

Inji-web error log:

"POST /v1/mimoto/credentials/download HTTP/1.1" 500 128 "http://localhost:3001/redirect?state=jz92iPDFsDiJ_nC8-HMq3H8xQOl6nAQFv5Hzxg8.ECu&code=5vBHJecXvPDv-9ijSB6MAC3_hB1k-0i24nSbeEg-pg8" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36 Edg/135.0.0.0" "-"

How can I solve this invalid token error?

TomasOGTIC · April 7, 2025, 3:16pm

I also confirmed that the did is the same as the one in localhost:8090/v1/certify/issuance/.well-known/did.json

svahsek · April 8, 2025, 5:00am

Dear @TomasOGTIC ,

Thank you for reaching out, One of our expert colleagues will respond to your query here.

Best Regards
Team MOSIP

Harsh_Vardhan · April 8, 2025, 5:10am

Hi @TomasOGTIC,

Thanks for trying out Inji Stack.

Can you check if your machine’s time is correctly synced with the time servers? A good way to do this is to open https://time.is/ on your browser. If you get " Your time is exact!" on the above page, it may be due to another issue, if it does not you’d have to sync your machines’ time with an NTP server.

TomasOGTIC · April 8, 2025, 5:29pm

Thank you! It was actually that. I was ahead by 23 seconds

sanchi-singh24 · April 28, 2025, 4:57am

Hi @TomasOGTIC,

Just checking in — is everything working fine now?
If you’re still facing any issues, please let us know. We’d be happy to assist!

Best regards,
Team MOSIP

TomasOGTIC · April 29, 2025, 3:24pm

Hi @sanchi-singh24 ,

I was able to download credentials from the .csv file succesfully. Thank you for the support.

Right now I am trying to use the PostgreSQL plugin but I am a little lost in how I should implement it. But that’s probably for another question and another thread.

That being said, is it possible to use the PostgreSQL plugin that can be found in mosip/inji-certify: Repository hosts the source code, documentation, and other related files for the Inji Certify project in the inji stack setup that can be found in inji-certify/docker-compose/docker-compose-injistack/README.md at master · mosip/inji-certify?

If it’s possible I can open another question to express my doubts

Varaniya1 · April 30, 2025, 6:00pm

Hi @TomasOGTIC

yes you can follow the steps mentioned in the link you shared to setup certify with postgres SQL. it is supported.

Regards,
Varaniya S
On behalf of MOSIP

Harsh_Vardhan · May 15, 2025, 4:51am

Hi @TomasOGTIC ,

You can use PostgresSQL plugin in the docker compose example, you’d have to create relevant entries in the Postgres pod and configure it accordingly.

However, I’d like to know if there’s any reason or preference for wanting to try out the same? We made docker compose injistack as a 10minute setup for demo(s) and a single node testing/VC design-generation-download-verification journey and purposefully kept the README minimal.

Here’s the README for configuring the Postgres dataprovider plugin., if you have a specific usecase, do use it and share feedback.

lyson_kaunda1 · May 16, 2025, 2:29pm

How do u manage to do this? Mine is behind with 0.06 seconds!!

Harsh_Vardhan · May 22, 2025, 6:44am

How do u manage to do this? Mine is behind with 0.06 seconds!!

For now, you’d have to sync your machine time with an NTP server, but worry not, a 0.06 second delay shouldn’t be causing a VC download failure IMO.

Your Operating system might be scheduled to do this on a more frequent basis, but you can also trigger it by yourself.

Topic		Replies	Views
Facing `invalid_proof` Error in MOSIP Certify API `/v1/certify/issuance/credential Developer inji	5	59	December 4, 2024
Not able to deploy inji-certify via docker-compose or helm Support inji	3	31	July 7, 2025
Facing issue in generating token in esignet Developer inji	2	66	November 8, 2024
Download id fails inji	10	79	July 7, 2025
Using Inji with Ory as an Authentication Server Developer inji	2	18	July 1, 2025

Problem downloading credentials in the inji stack setup

Related topics