We have a .Net application that is generating ws-security token today and is working fine with our vendor application. We are now trying to migrate that to API Gateway and receiving a invalid signature error message and it doesn't look like vendor application problem since it is working for the old application. I validate that ws-sec structure, algorithm, version is same for both the implementation but still giving an error as invalid signature. can you please help me with the potential cause with the attached policy please.
Appreciate your help! Thank you!