401/Unauthorized calling from SPA to custom API

I’m trying to call a custom API on .net core from a js SPA, the authentification works fine but when I call the api it returns 401, using the access token. I don’t have any scopes or permissions set.
Does anyone know why this happens?

Edit: I’ve checked the bearer token that I received and it doesn’t seem valid, at least in the RS256 format.

Hi there @AlwaysBuyCheap welcome to the community!

I’m assuming this is due to the Access Token missing an audience (aud) claim - This is specified as a param in the /authorize request and might be a good place to start.

I also came across the following topic which may be of use:

Let us know!

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.