Improve JWT validation for email addresses containing umlaut characters (ä, ö, ü)
under review
Nivedha Mohan
A customer reported that JWT generation fails when the email ID contains umlauts, although these characters are accepted in users' first and last names. Instead of failing silently, the API should return a clear validation error (e.g., "Invalid email ID") if such email addresses are unsupported.
This will improve troubleshooting and provide a better developer experience.
Log In
Mohamed Shakheen
updated the status to
under review
Mohamed Shakheen
Hi Sheer Mandrill Little Tortoise
Thank you for reporting this issue and providing the context.
We understand the concern around JWT generation failing when email addresses contain umlaut characters, particularly when the failure does not return a clear validation message. Providing a meaningful error response would help developers quickly identify the root cause and improve the overall integration experience.
We will validate the reported behavior and review how unsupported email formats are currently handled. As part of this evaluation, we will consider opportunities to improve error handling and validation messaging to provide clearer feedback when JWT generation requests cannot be processed.
This request is currently under review, and we appreciate you bringing it to our attention.
S
Sheer Mandrill
I would like to add, that generating the jwt code (https://identity.document360.io/api/jwt/generate-code) returns a valid code, even when the emailID contains umlauts.
Also the following authorize (https://yourproject.document360.io/jwt/authorize?code=xyz) seems to work but after the redirect an empty page is shown.
The browser console shows a few 400 bad request entries in that case.
After that first faillure, opening the authorize url (even with a new code) results in a 500 server error (timeout).
Nivedha Mohan
++Sheer Mandrill
Little Tortoise