Angular 10, .net core 5.0 backend API PKCE

I have followed all of the online documentation and can’t successfully call custom backend API. I’m getting 401 Unauthorized response, with error message: www-authenticate: Bearer error=“invalid_token”

I’m using @auth0/auth0-angular npm package, and it’s attaching a bearer token to the request, but it’s not a valid jwt token. Am I missing a step?


  domain: '',
  clientId: 'xxxxxxx',
  httpInterceptor: {
    allowedList: [
      { uri: 'https://localhost:44317/*' }

providers: [{ provide: HTTP_INTERCEPTORS, useClass: AuthHttpInterceptor, multi: true },],

Here’s the bearer token that is getting attached to the request:

authorization: Bearer -GdEMsgGB6PQA5RQ_EQLWoefS3GW1EOo

Thanks in advance,


1 Like

Hi @wharris47,

Welcome to the Community!

It looks like you are getting an opaque token, which is only intended to be consumed by Auth0s APIs.

If you want to request a JWT that can be consumed by your custom API, you need to declare and audience, usually the indentifier you registered for your API.

If you would like to follow a tutorial, then check out the second part to the angular quickstart:

Thank you so much! I spent all weekend trying to get this to work. Awesome to see my API response on the 1st attempt!

I need to add email to the bearer token now, I think I came across docs on how to do that already.

Thanks again!


1 Like

Sounds good! Thanks for providing an update.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.