Angular 10, .net core 5.0 backend API PKCE

I have followed all of the online documentation and can’t successfully call custom backend API. I’m getting 401 Unauthorized response, with error message: www-authenticate: Bearer error=“invalid_token”

I’m using @auth0/auth0-angular npm package, and it’s attaching a bearer token to the request, but it’s not a valid jwt token. Am I missing a step?

Configuration:

AuthModule.forRoot({
  domain: 'xxxx.auth0.com',
  clientId: 'xxxxxxx',
  httpInterceptor: {
    allowedList: [
      { uri: 'https://localhost:44317/*' }
    ]
  }
}),

],
providers: [{ provide: HTTP_INTERCEPTORS, useClass: AuthHttpInterceptor, multi: true },],

Here’s the bearer token that is getting attached to the request:

authorization: Bearer -GdEMsgGB6PQA5RQ_EQLWoefS3GW1EOo

Thanks in advance,

William

Hi @wharris47,

Welcome to the Community!

It looks like you are getting an opaque token, which is only intended to be consumed by Auth0s APIs.

If you want to request a JWT that can be consumed by your custom API, you need to declare and audience, usually the indentifier you registered for your API.

If you would like to follow a tutorial, then check out the second part to the angular quickstart:

Thank you so much! I spent all weekend trying to get this to work. Awesome to see my API response on the 1st attempt!

I need to add email to the bearer token now, I think I came across docs on how to do that already.

Thanks again!

Chris

Sounds good! Thanks for providing an update.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.