Hi. I may be missing some trivial, however I’m failing to pinpoint it.
VERY Similar thread, but not helpful
My question is similar to this auth0 help thread. The user said they found their problem in their SPA’s configuration, but did not post the actual solution to their configuration issue. The post is closed and I cannot ask further on that thread. Perhaps that can be remedied here.
What I’m trying to do:
I’m trying to access the GO API tutorial from the Swift native app tutorial.
I’m using the universal login that is found in the Swift tutorial.
Both tutorials work just fine on their own. I can successfully access all of the GO API endpoints in the GO tutorial using the API auth request with POSTMAN.
The problem:
When I attempt to access the GO API /api/private endpoint from the Swift app, using the SWIFT app response’s credentials.accessToken, I’m getting the following message in my GO log:
Encountered error while validating JWT: jwt invalid: could not parse the token: square/go-jose: compact JWS format must have three parts
Swift app request to /api/private
// Trigged by a button after successful login and storing the full Credentials object.
func getPrivate(credentials: Credentials) async {
let fetchTask = Task {
let headers = [
"content-type": "application/json",
"authorization": "Bearer \(credentials.accessToken)"
]
let url = URL(string: "http://localhost:3010/api/private")!
var request = URLRequest(url: url)
request.httpMethod = "GET"
request.allHTTPHeaderFields = headers
let (data, _) = try await URLSession.shared.data(for: request)
let decoder = JSONDecoder()
return try decoder.decode(TestResponse.self, from: data)
}
let result = await fetchTask.result
switch result {
case .success(let response):
print(response.message)
case .failure(let error):
print("ERROR: \(error)")
}
}
What I have tried/done:
- Explicitly added the GO API’s Identifier to the Swift App’s “Allowed APPs/APIs”.
- Grants for Swift APP: Have tried combinations of [Implicit, Authorization], [Implicit], [Authorization]. As I understand it, Authorization is the correct choice for a native app.
- Tried using the swift app’s
credentials.idTokeninstead of thecredentials.accessTokento access the GO API log for the/api/privateendpoint. (I do believe this is the wrong, but it was worth a shot). The GO API logged the following:Encountered error while validating JWT: jwt invalid: expected claims not validated: square/go-jose/jwt: validation failed, invalid audience claim (aud)
What might be my issue?
Perhaps it’s something in my auth0 settings configuration for either the API or the Native application?
Do I need to add some config for the universal login to include an explicit request for the GOAPI audience? Where might I do that?
Am I not able to use the universal login when I want to access an API from a Native app as I need explicitly request audience?
Does my Swift app need to an additional request to request authorization for the GOAPI after successfully authenticating?
Per the doc Call your API, I may have made a false assumption that the universal login handles both authentication and authorization, bringing the Swift app past Step 4: Request tokens as the Swift app has successfully received the credentials/tokens.
Thanks for your help. I hope this thread is helpful to others as well.