Authenticated user is missing subject claim

Hello,

I have followed all steps outlined here to create a server-to-server communication.

I am able to login and submit a request. However, I get stopped on the following error “Authenticated user is missing subject claim”.

Here is a copy of my Sphinx Login component:

var
SphinxLoginAdmin: TSphinxLogin;
SphinxLoginAdmin := TSphinxLogin.Create(Self);
SphinxLoginAdmin.Name := 'SphinxLoginAdmin';
SphinxLoginAdmin.Authority := 'http://localhost:2001/tms/sphinx';
SphinxLoginAdmin.ClientId := 'admin_web';
SphinxLoginAdmin.Scope := 'openid email';

I place a call to get the token:

TokenResult := SphinxLoginAdmin.RequestToken('someSuperSecretString');

And I get a toke back.

When I issue an HTTP request:

HttpRequest.CustomHeaders['Authorization'] := 'Bearer ' + Token;
HttpRequest.CustomHeaders['Accept'] := 'application/json';
HttpResp := HttpRequest.Post('http://127.0.0.1:2001/tms/api/admin/users', Req, Resp, [TNameValuePair.Create('Content-Type', 'application/json')]);

I get the “Authenticated user is missing subject claim” error.

After many unfruitful searches on Google, I decided to ask here for pointers. What am I missing?

Thank you,

Alan

Where is this error message coming from, exactly? I think this is from your API, or at least is not from Sphinx?

Server-to-server communication does indeed generate tokens without a subject claim, as there is no impersonation here, there is no "login". It's just machine to machine communication.

Yes! I missed that. I Inherited an application, and I am getting familiarized with Sphinx. You are spot on.

Thanks for the help

Alan