Script output (with my password changed)-------------------------------------------------------------------------------------------$ ./jwt.sh ./00D0Y0000008amn.jks lajos.kelemen@accenture.com 3600 https://api.metamind.ioEnter destination keystore password: my_passEnter source keystore password: my_passExisting entry alias lkelemen_sf_devcert exists, overwrite? [no]: yesEntry for alias lkelemen_sf_devcert successfully imported.Import command completed: 1 entries successfully imported, 0 entries failed or cancelled[Storing privateKey.p12]MAC verified OKGenerated Assertion:eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJsYWpvcy5rZWxlbWVuQGFjY2VudHVyZS5jb20iLCJzdWIiOiJsYWpvcy5rZWxlbWVuQGFjY2VudHVyZS5jb20iLCJhdWQiOiJodHRwczovL2FwaS5tZXRhbWluZC5pby92MS9vYXV0aDIvdG9rZW4iLCJleHAiOjE0NzYwODAzMTksImlhdCI6MTQ3NjA3NjcxOX0.EcvaPYv3bfA_HNsa_5tNFz6iajvprCee-kNfdSNMPHpgeMgWU3Z0LFt8AojJLNYZIzNydNarDtUbDkqhdpB_c2Ahi2xUhiy_ATnWaUWNrykROsv7dVu_l8smIb9s08N4mcllsDorNWcM9XWmVDlVgq4oegaeQhq2yCOuxn3jAb5IRlurXjSY125FTJs_3oE06vkZYieg6kxQYoeZiWvGfwhdgEB-szutrrXFgUEVKa5U_qj5HFQYlHV7yAcbRTxCc5vOwaAv7qCrjdFCfsmWXPlk-65DSoAFUXK12j6HbB-hHRimNrf-4lLz0mxMmDNC5HuLMHG8BOZMp6PDc19QBgYour access token response:{"message":"Invalid JWT token"}-------------------------------------------------------------------------------------------my script changes:openssl pkcs12 -in privateKey.p12 -nocerts -nodes -out private_key changed to (added -passin pass at the end)openssl pkcs12 -in privateKey.p12 -nocerts -nodes -out private_key -passin pass:my_pass-------------------------------------------------------------------------------------------curl -H "Content-type: application/x-www-form-urlencoded" -X POST "$4/v1/oauth2/token" -d \"grant_type=urn:ietf:params:oauth:grant-type:jwt-bearer&assertion=$jwt3.$jwt5" ; echochanged to (added -k parameter to accept self signed certs?)curl -k -H "Content-type: application/x-www-form-urlencoded" -X POST "$4/v1/oauth2/token" -d \"grant_type=urn:ietf:params:oauth:grant-type:jwt-bearer&assertion=$jwt3.$jwt5" ; echo
25 answers
Incase this is not yet resolved. Please have a look at this blog on authenticating using JWT.https://salesforcerealm.com/2020/03/07/authenticate-sfdx-using-jwt/