Access_token too short ~ jwt malformed

kdhttps · March 21, 2019, 6:51pm

I did some research and it works for me.

Solution

Need to use audience
Configuration in my angular app. All the keys are case sensitive.

{
    clientID: <your_client_id>',
    domain: '<your.auth0.com>',
    audience: 'https://<your.auth0.com>/api/v2/',
    redirect: 'http://localhost:4200/callback',
    logoutRedirect: 'http://localhost:4200',
    scope: 'openid profile email'
  }

Notes

If you want access token as JWT then you must have to set audience.
Set APIs https://<your.auth0.com>/api/v2/ in audience as given above example. Userinfo endpoint not working for me.
In the URL / is required at last. https://<your.auth0.com>/api/v2/
Node side JWT verification

const authCheck = jwt({
    secret: jwks.expressJwtSecret({
        cache: true,
        rateLimit: true,
        jwksRequestsPerMinute: 5,
        jwksUri: 'https://<your.auth0.com>/.well-known/jwks.json'
    }),
    // This is the identifier we set when we created the API
    audience: 'https://<your.auth0.com>/api/v2/',
    issuer: 'https://<your.auth0.com>/',
    algorithms: ['RS256']
});

In the URL / is required at last. https://<your.auth0.com>/api/v2/ and https://<your.auth0.com>/

I’ve update code in my github. Github: GitHub - kdhttps/auth0-angular-node: Auth0 authentication with Angular and NodeJS

Topic		Replies	Views
UnauthorizedError: jwt malformed in express.js JWT.io access-token , jwt-validation , serverside	23	60459	September 15, 2022
JWT Malformed for API auth check Get Help jwt	3	8781	December 20, 2020
Jwt malformed even though its correct in the request Get Help apis , application	4	88	November 14, 2024
Cant use JWT with (short) access_token. id_token works Get Help	3	4464	March 10, 2018
Access_token too short - audience is correct Get Help auth0js	3	4390	July 25, 2019

Access_token too short ~ jwt malformed

Related topics