Cannot decrypt Application Token

Hello, i am trying to obtain a new application token (self-hosted taiga) , I followed REST API Documentation :

  1. Requested auth_code with /api/v1/application-tokens/authorize
  2. Validated auth_code with /api/v1/application-tokens/validate
    As explained in documentation I was expecting to get a cyphered_token:

“cyphered_token”: “eyJlbmMiOiJBMjU2R0NNIiwiYWxnIjoiQTEyOEtXIn0.E-Ee1cRgG0JEd90yJu-Dgl_vwKHTHdPy2YHRbCsMvfiJx0OvR12E8g.kGwJPnWQJecFPEae.ebQtpRNPbKh6FBS-LSUhw1xNARl0Q5loCO4fAk00LHFqcDpAwba7LHeR3MPx9T9LfA.KM-Id_041g8OdWaseGyV8g”

Instead i get this:
{“token”: “eyJhcHBfdG9rZW5faWQiOjN9:1rmsWP:2APPsxGuloGhuvlCBbgFAVgKxnRJz9vhkul9nuUTTV0”}

but it does not seems to be a valid crypted token so decryption fails:

token=JWE().decrypt(cyphered_token, keys=[sym_key])
File “/home/superuser/.local/lib/python3.9/site-packages/jwkest/”, line 843, in decrypt
jwe = JWEnc().unpack(token)
File “/home/superuser/.local/lib/python3.9/site-packages/jwkest/”, line 67, in unpack
part = split_token(token)
File “/home/superuser/.local/lib/python3.9/site-packages/jwkest/”, line 16, in split_token
raise BadSyntax(token,
jwkest.BadSyntax: expected token to contain at least one dot: b’eyJhcHBfdG9rZW5faWQiOjN9:1rmsWP:2APPsxGuloGhuvlCBbgFAVgKxnRJz9vhkul9nuUTTV0’

What am I doing wrong?
Thank you for your help

Hi @superuser866

>>> from django.core import signing
>>> token = signing.dumps({"app_token_id": 1})
>>> token
>>> signing.loads(token)
{'app_token_id': 1}

This is how this token is generated and here is the documentation for the django.core.signing module.

I hope this can help.

This token is to authorize some external app to use taiga as a login services (like in, maybe this is not your use case.

Hi David, I was trying to obtain a token to use to authenticate to Taiga’s REST API inside a perl script . I am following the wrong procedure?
Thank you very much

For a common script, use the “Standard token authentication” process. You only need username/password credentials from an existing user.