So, I have been trying for a while now, but my bearer token I’m unable to get, although I see the key in the HTTP-response that is made by, I assume, the interceptor.
How do I get that key?
The access token? That is discussed here, it is built on auth0-spa-js which uses the getTokenSilently method.
The user id is available in the sub claim in the id token. That should be available via the idTokenClaims or the user object in the SDK. Take a look here:
Thanks, but when I make a request to the back-end I cannot access the data. However, if manually add the API key from API explorer in the backend, I can.
import { AuthService } from ‘@auth0/auth0-angular’;
I believe this is how you use the SDK? But Authservice contains isAuthenticated, user$ and one or two other methodes, but not idTokenClaims or anything similar.
So, I’m sure that I’m doing something wrong, but what?
There shouldn’t be any API key. You may be referring to the access token that is available in the dashboard API settings. That token will expire as it is meant to be requested periodically.
Yes, I did updated it. I used the command “npm install auth0-angular”. The access key I get from get silenttoken doesn’t give me access to my back-end. I really don’t know what I’m doing wrong
I’m not sure I understand, getSilentTokenkey is not a method of either library. It sounds like getTokenSilently. Can you post your code?
Also, you keep saying keys…but you are talking about tokens.
API keys are typically referring to something different than a JWT access token. It’s worth mentioning here because it looks like you are trying to use a method that doesn’t exist and mentions keys.
I will. But quick question: my idea is that the bearer token is given by the front-end to the backend, but somebody says the front-end and backend use a JWT-token and the bearer-token stays on the back-end.
It seems like you have a lot of questions and confusion about the fundamentals of authentication. I would encourage you to read through documentation before asking questions, as some of these concepts are difficult to grasp without an overall picture of how the flows are working.
This is a good place to start if you are new to authentication.