Hey there, from what I can see the access_token is correct. When you do not request an audience as part of your login you will get an opaque access_token instead of a JWT.

Auth0 has two tokens: id_token and access_token. The id_token will always be a JWT. This token will contain data that can be consumed by the client/application. The access_token is a token that represents authorization to a resource server/API. If you do not pass in an audience (a unique identifier of your resource server/API) you will not be issued a JWT for an access_token.
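The following is an added example, not part of the original reply: a Python sketch that tells an opaque access_token from a JWT one, checks the aud claim, and builds an /authorize URL carrying the audience parameter. The tenant domain, client ID, API identifier and sample tokens are constructed placeholders, and the decoder does not verify signatures, so it is a diagnostic aid only.

```python
import base64
import json
from urllib.parse import urlencode

def _b64url_json(segment):
    """Decode one base64url JWT segment (padding restored) into a JSON value."""
    padded = segment + "=" * (-len(segment) % 4)
    return json.loads(base64.urlsafe_b64decode(padded))

def inspect_access_token(token):
    """Return ("jwt", header, claims) or ("opaque", None, None); no signature check."""
    parts = token.split(".")
    if len(parts) != 3:
        return ("opaque", None, None)
    try:
        header, claims = _b64url_json(parts[0]), _b64url_json(parts[1])
    except ValueError:  # bad base64, bad UTF-8 or bad JSON
        return ("opaque", None, None)
    if not (isinstance(header, dict) and "alg" in header and isinstance(claims, dict)):
        return ("opaque", None, None)
    return ("jwt", header, claims)

def audience_matches(claims, expected):
    """The aud claim may be a single string or a list of strings."""
    aud = claims.get("aud", [])
    return expected in ([aud] if isinstance(aud, str) else aud)

def build_authorize_url(domain, client_id, redirect_uri, audience=None):
    """Build an /authorize URL; passing audience is what yields a JWT access_token."""
    params = {"response_type": "code", "client_id": client_id,
              "redirect_uri": redirect_uri, "scope": "openid profile"}
    if audience:
        params["audience"] = audience
    return f"https://{domain}/authorize?{urlencode(params)}"

def _seg(obj):
    return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()

# Constructed samples (placeholders, not real tokens or a real tenant).
API = "https://api.example.test"
OPAQUE_SAMPLE = "constructed-opaque-token-0001"
JWT_SAMPLE = ".".join([_seg({"alg": "RS256", "typ": "JWT"}),
                       _seg({"aud": [API, "https://tenant.example.test/userinfo"]}),
                       "constructed-signature"])

if __name__ == "__main__":
    for name, tok in (("opaque", OPAQUE_SAMPLE), ("jwt", JWT_SAMPLE)):
        print(name, inspect_access_token(tok)[0])
    print(build_authorize_url("tenant.example.test", "CLIENT_ID", "https://app.example.test/cb", API))
```

A resource server must still validate the signature, issuer, expiry and audience of a JWT access_token with a proper JWT library before trusting any claim.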