Hi @mattymillar,
Thanks for reaching out to the Auth0 Community!
I understand that you’ve received a malformed access token when authenticating with google-oauth2.
After looking at your axios.post request, it appears to be missing the request headers.
Could you try the following instead:
const url = `https://${process.env.DOMAIN}/oauth/token`
const data = {
grant_type: 'authorization_code',
client_id: process.env.CLIENT_ID,
client_secret: process.env.CLIENT_SECRET,
code: "the code",
redirect_uri: process.env.CALLBACK_URL,
}
const options = {
headers: {
'Content-Type': 'application/x-www-form-urlencoded'
}
};
const resp = await axios.post(url, qs.stringify(data), options)
The Call Your API Using the Authorization Code Flow documentation goes into full detail on how to form the /oauth/token request.
After doing so, you should be able to decode your access token without issues.
Please feel free to reach out if you have any further questions.
Thank you.