401/Unauthorized calling from SPA to custom API

AlwaysBuyCheap · May 21, 2022, 4:40pm

I’m trying to call a custom API on .net core from a js SPA, the authentification works fine but when I call the api it returns 401, using the access token. I don’t have any scopes or permissions set.
Does anyone know why this happens?

Edit: I’ve checked the bearer token that I received and it doesn’t seem valid, at least in the RS256 format.

tyf · May 23, 2022, 10:00pm

Hi there @AlwaysBuyCheap welcome to the community!

I’m assuming this is due to the Access Token missing an audience (aud) claim - This is specified as a param in the /authorize request and might be a good place to start.

I also came across the following topic which may be of use:

Let us know!

tyf · June 7, 2022, 10:00pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
unauthorize 401 for API requests Help access-token , api-authorization	2	5829	March 2, 2018
SPA and API scenario - restrict API access Help apis , application	2	1755	February 17, 2023
SPA + .net core backend Help	3	4620	April 23, 2019
401 when calling API (Spring) in a SPA (AngularJS) Help api , id_token , access_token , spring , angularjs	3	5207	July 25, 2019
401, Bearer error="invalid_token", The audience is invalid Help jwt	4	28334	July 28, 2021

401/Unauthorized calling from SPA to custom API

Related Topics