Auth0 Home Blog Docs

API authorization fails when jwt recieved recieved while login(lock.js) passed in header

api-authorization

#1

In my single page application , I am using lock.js in client side for authentication. I am able to login application in client side and I got JWT id token from Auth0. And when I make API request after successful login, API keep returning 401 unauthorized error. I have checked the API request, system is correctly passing token id with in authorization header. I think, I have correctly configured JWT OWIN middleware in web api (configured these parameters like Auth0Domain,Auth0ClientID,Auth0ClientSecret,Auth0DBConnection correctly).
I have a paid Auth0 created sometimes back (1year before or so). The system is working with the older paid account. But it’s not working with my newly created trial account. Is there is any difference in older and newer version of Auth0? or Is there any other setting i need to configure inorder for api authorization to work.


#2

Our new API Authorization features now use the OAuth2 authorization framework, which works differently to our older flows. As an example, API authorization should now be done using access_token rather than id_token. You can learn more about this here: https://auth0.com/docs/api-auth

We also have a WebAPI (OWIN) quickstart you can look through: https://auth0.com/docs/quickstart/backend/webapi-owin/00-getting-started


#3