The plugin is installed on my development site and configured with ACL and plugin with the following:
Token - Secret Key: [redacted]
Validate Issuer: unchecked
Token - Issuer: Issuer
Validate audience: unchecked
Token - Audience: Audience
Token - ExpiryInMinutes: 60
I created an API user matching a customer email who has the OData ACL access.
Using the nopCommerce 4.30 sample client from your github, I am able to successfully acquire a token with the API user. However, when calling the GetCategories() method in the sample project, I receive a 403 response.
The nopCommerce logs shows the request to [domain-redacted]/odata/Category failing with the following error.
IDX10503: Signature validation failed. Keys tried: '[PII is hidden]'.
'[PII is hidden]'.
token: '[PII is hidden]'.
Do I need to change any of the Issuer or Audience values?
What would cause Signature validation failed error?