API invocation returns { "message": "invalid algorithm", "code": -1}

Hi,
I am trying to setup postman to invoke sandbox api but I am getting

{ “message”: “invalid algorithm”, “code”: -1}

I am using postman and have configured “JWT Bearer” auth type with following details,

{
"X-API-Key": "667a...",
"sub": "667a..."
}

URL: https://sandbox-api.fireblocks.io/v2/vault/accounts_paged
Algorithm: RSA256

If I do not use “sub”, I receive

{ “message”: “No api key, nor ‘sub’ property in JWT”, “code”: -2}

Following is the Postman config,

image533×597 30.9 KB

Can you please let me know what am I doing wrong here?

Hey @fblbg25 – I would recommend using our ready-built Postman collection to test out API calls through Postman. It has the necessary pre-request script to build out the JWT header based on your API info. You can download it and see setup instructions here: Postman Guide.

Given the need to include iat /exp times, a nonce, and bodyHash, it’s difficult to say exactly what the issue is without looking at the script building your JWT object. In any case, the Postman collection in the link above has this already implemented if you’d like to compare against your own implementation. From a quick check, I the algorithm should be RS256, and the payload is missing some additional values like nonce, iat, exp, and bodyhash (explained here).