cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help
Get Started Discussions
Start your journey with Databricks by joining discussions on getting started guides, tutorials, and introductory topics. Connect with beginners and experts alike to kickstart your Databricks experience.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

JWT Encoding error while using Azure secret key

Wycliff
New Contributor II

‎02-08-2024 12:14 AM

My secret value in Azure key vault is like below.
private_key="""-----BEGIN RSA PRIVATE KEY-----
****
****
-----END RSA PRIVATE KEY-----"""

Running this command in Databricks notebook - jwt.encode(claim_set,private_key,algorithm='RS256')

While using the above hardcoded secret value in the command, it is working well.

But failing while using keyvaults in the command - private_key=dbutils.secrets.get(scope="scope_nm",key="key_nm").

Error : ('Could not deserialize key data.The data may be in an incorrect format, it may be encrypted with an unsupported algorithm, or it may be an unsupported key type(e.g. EC curves with explicit parameters).'

0 Kudos
1 REPLY 1

Wycliff
New Contributor II

‎02-08-2024 11:16 PM

Thanks much for your troubleshooting methods.

Validated the secret scopes, accessing secrets. These looks fine.

Key format - I feel problem is with the key format only. As of now I'm awaiting on Azure subscription access. 

But I printed the secret value in Databricks compared the same with actual RSA private key in notepad++ and look for any differences in CR LF. Below is the command used for printing the secret value.

value=dbutils.secrets.get(scope="scope_nm", key="key_nm")

for char in value:

      print(char,end='\u200B')

Got the secret value in zero Width Space format. Having the actual RSA key value in CR LF format. Any way to get the secret value as is?

on permission end, we are good. Can be able to access other secrets.

Not sure about validating the algorithm. Regenerating the RSA key also seems to be impossible now as it is dependent on external team.

Please help to proceed from here. Thanks.

 

 

 

 

On Permission

0 Kudos

Connect with Databricks Users in Your Area

Join a Regional User Group to connect with local Databricks users. Events will be happening in your city, and you won’t want to miss the chance to attend and share knowledge.

If there isn’t a group near you, start one and help create a community that brings people together.

Request a New Group
Announcements