Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.

mstdmstd's avatar

I got Token Signature could not be verified with external API and internal requests in my app

Hello, In Laravel 5.8 / vuejs / vuex / mysql app I use jwt-auth and when I login into the system (standart auth with mysql users table) I use method :

export function setAuthorizationToken(token) {
    axios.defaults.headers.common["Authorization"] = `Bearer ${token}`
}

and it worked ok.

Next I need to remade SignUp/SignIn to use external API for SignUp/SignIn operations. So my app needs to make SignUp/SignIn with external API , but also I have requests for controls of my app to read/write data from/to my sql.

SignIn request to external API returns token only and I keep it in the setAuthorizationToken method above. Next I need to read user details from this external API and to save it in vuex store. I make it and it works ok, but the problem is that my next axios request to my control to read data from db triggers error:

Token Signature could not be verified. I understand why but it there is a way to fix it? Is it possible to replace Bearer for axios when I need it? Maybe some replacement of axios to to use both axios and replacement ?

"laravel/framework": "5.8.*",
"tymon/jwt-auth": "^1.0.0",


"vue": "^2.5.17",
"axios": "^0.18",
"vuex": "^3.1.0"

Thanks!

0 likes
3 replies
mstdmstd's avatar

Searching for a decision on login I keen token I got in cookie 'external_token'


                        const headers = {
                            'Content-Type': 'application/json',
                            'X-Auth-Token': getCookie('external_token'),
                            'Access-Control-Allow-Origin' : '*',
                            "Access-Control-Allow-Methods": "GET",
                        };
                        axios.get(user_details_url, headers)
                            .then((response) => {
                            ...
                            })
                            .catch((err) =>{
                            })

But I got error in console :

Access to XMLHttpRequest at 'http://remoteserver.com/api/user' from origin 'http://local-wiznext.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

where remoteserver.com is remote server with API and http://local-wiznext.com is my local server I am developing at

Searching for a decision I found several additive parameters to add to header of my axios request :

                        const headers = {
                            'Content-Type': 'application/json',
                            'X-Auth-Token': getCookie('external_token'),
                            'Access-Control-Allow-Origin' : '*',
                            "Access-Control-Allow-Methods": "GET",
                            'crossDomain': true,
                           'dataType': 'jsonp',
                        };

But I got the same CORS error. If there is a way to fix this error and run request?

Please or to participate in this conversation.