Auth0 Home Blog Docs

access_token in JWT format - iOS SDK



I am using this function for getting access_token, but still I don’t get it in JWT format.

enum Auth0Key:String{
    case SCOPE          = "openid user offline_access update:current_user_identities"
    case CONNECTION     = "Username-Password-Authentication"

.login(usernameOrEmail: username, password: password, connection: Auth0Key.CONNECTION.rawValue, scope: Auth0Key.SCOPE.rawValue, parameters: "device":"test", "audience":Environment.shared.baseUrl])
.start { result in
    switch result {}

I post in payload audience, but I don’t get still access_token in JWT. Could you help me, to set it?


Hi Vladimir,
What have you set as your audience? To get a JWT access token your audience needs to be the identifier for an API you create in the Auth0 dashboard.


Thanks for reaction. I am using identifier from Auth0 dashboard, but still no luck. I forgot to mention, that I am using it on tvOS, but it should work there too. Should I post in payload something else?


I am seeing a very similar situation. I just downloaded sample from official repo ( and ran with updated Auth0.plist.

So, the code snippet is something like this

        .audience("https://" + clientInfo.domain + "/userinfo")
        .scope("openid profile")
        .start {
            switch $0 {
            case .failure(let error):
               // Handle the error
               print("Error: \(error)")
            case .success(let credentials):
               guard let accessToken = credentials.accessToken, let idToken = credentials.idToken else { return } ...

It works fine and lets me login, but the accessToken is not JWT. Something like KBSxkmG-OcpA6-cg.

Please help. I cannot send this to my API server for verification.

P.S. I thought the issue is related, so I posted in this thread to consolidate. But if it is better to create my own thread, let me know.


Self answering my quesiton. Ryan’s comment above had the answer in it.

I had to replace

"https://" + clientInfo.domain + "/userinfo" 

to something like


(API name I have created in the portal), and voila. Access token returns in JWT.

In the initial example, audience is “userinfo” which requires (!?) opaque access token, and that’s why I don’t get JWT token.


How was the API “TestAPI” created?


Something like this @lcheng_nj ![alt text][1]