What is that?
Usually happens in your /token or /person API call, Invalid PKI Signature error is caused by a mismatch of certificate used to sign your API calls and the one uploaded into your app configuration in our portal. For example, partner is using certificate A to sign the call but certificate uploaded into the app is certificate B.
What can you do to rectify this error?
Check Certificates
- Download certificate uploaded as part of your app configuration, compare the serial number with the certificate that you used to sign your call.
- You can refer to the steps in this article to view or perform app configuration https://partnersupport.singpass.gov.sg/hc/en-sg/articles/32734040707737-How-do-I-register-callback-URLs-JWKS-URLs-Point-of-Contact-emails-for-my-Myinfo-and-Singpass-Login-integration
Troubleshoot Base String and Signature
1. Use our Base String Checker to ensure your Base String is generated in the correct format.
For non-gov https://api.singpass.gov.sg/library/myinfo/v3/developers/tools-basestringchecker
For gov https://api.singpass.gov.sg/gov/library/agency-myinfo/govdevelopers/v3-tools-basestringchecker
2. Once you have a valid Base String, verify your Digital Signature using our Signature Verifier. The Public Certificate used in the Signature Verifier must matched with the Public Certificate uploaded in your app configuration.
For non-gov https://api.singpass.gov.sg/library/myinfo/v3/developers/tools-signatureverifier
For gov https://api.singpass.gov.sg/gov/library/agency-myinfo/govdevelopers/v3-tools-signatureverifier
Comments
0 comments
Please sign in to leave a comment.