Skip to content
This repository was archived by the owner on May 16, 2025. It is now read-only.
This repository was archived by the owner on May 16, 2025. It is now read-only.

SDK authorization issues in a Rails (v6.1.7.3) application #153

@edwardmyung

Description

@edwardmyung

Hello, I tried to contact sdksupport@yoti.com as the new issue template suggests, however I got a warning email that the email doesn't exist so writing here https://i.imgur.com/MmeCPqQ.png

Overview

We are currently trying to build a proof-of-concept for integrating Yoti into our product, and finding that whatever we try we are running into this error with the ruby-sdk:

Yoti::RequestError (Unsuccessful Yoti API call: 
Unauthorized: {
  "error_message": "Failed to verify signature.", 
  "error_code": "INVALID_SIGNATURE"
}):

Things we have tried

Different approaches for config.key_file_path

• Setting config.key_file_path with env var
• Setting config.key_file_path hardcoded as string
• Setting config.key_file_path hardcoded as Rails.root.join('app', 'assets', 'yoti-poc', 'poc-temporary.pem')

We noticed there is also a section in the README which says it is possible to use config.key on Heroku/AWS Elastic Beanstalk, so we also tried:

• Setting config.key hardcoded as string on single line (with and without \n linebreaks)
• Setting config.key hardcoded as string on multiline (with and without \n linebreaks)

Double checking the basics:

• Double checked the SDK ID and .pem file is of the latest key pair (we also tried generating a new key pair)
• Double checked that the relative path is correct by using an open command from project root like code app/assets/yoti-poc/poc-temporary.pem, which opens the correct file in the text editor
• When trying with env vars, double checked that echo $YOTI_KEY_FILE_PATH and echo $YOTI_CLIENT_SDK_ID prints the expected values

I suspect we are overlooking something simple, but as far as I can tell have followed the docs at https://github.com/getyoti/yoti-ruby-sdk exactly. Do you have any ideas what the issue may be?


In case its useful

  • We are grabbing the key-pair from this location in the Yoti hub, with just age-estimation activated: https://i.imgur.com/wCkZphb.png
  • This is how we’ve been calling the Yoti request in our rails controller: https://pastebin.com/raw/QfJiPTf7. Your docs seem to suggest /api/v1 as the API endpoint base just for ruby, however I've presumed that is a typo as:
    • (i) That returns Yoti::RequestError (Unsuccessful Yoti API call: Not Found: Not found):
    • (ii) All other languages use the base /ai/v1
    • (iii) The Endpoints table above the code snippets [here] for request creation suggest the base should be /ai/v1

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions