Access token giving unauthorized in backend

I am trying to setup social login. I have a react app, mobile app and backend in Laravel. We have setup the Auth0 SDKs in both the react and mobile app but the access token received after the login is giving unauthorized error in the backend side.

Frontend app is sending the access token in header as authorization bearer but auth0 middleware is treating it as invalid. Please help.

Hey there @vishal.agarwal!

Are you able to decode the access token at jwt.io and share (redacting any sensitive info) here?

Thanks!

I tried decoding it at jwt.io

It is giving invalid signature for the access_token but it successfully decodes the id_token.

Hey @vishal.agarwal thanks for confirming - My guess is that your token is missing an audience claim and is thus opaque.

1 Like

Thank you so much. It really helped and worked fine.

Now the second issue I am facing is:

We have created a native application for mobile, an SPA application for react frontend and a regular web application for backend. But I can only define single clientId in the Laravel backend. So, do we really need 3 applications or am I doing something wrong?

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.