Hi @abroadhurst!
Do you mind sharing the specific sample(s) you’ve been working with?
It sounds like there is no Authorization header being included in the request and thus no authorization token - Basically, the middleware is checking to see if there is a valid Access Token included in the Authorization header, and in this case the header might be missing altogether.
For example, you can see this in action in our React sample:
try {
const token = await getAccessTokenSilently();
const response = await fetch(`${apiOrigin}/api/external`, {
headers: {
Authorization: `Bearer ${token}`,
},
});
This code + sample app can be found here.
Hope this helps!