The value for the API Identifier (Audience) is just a URI. It can be anything, typically the URL of your API. We don’t call that URI, it is added to the access token and then used by your API as part of the token validation process.
Could you show the Xamarin code you’re using to call your .NET API? Just to make sure the token is passed along correctly.
To easily get an access token outside of your app you could use ROPG: Call Your API Using Resource Owner Password Flow (you can use Postman to get the token, and then use Postman to call your API with that token). If that works, I would suggesting walking back and trying to figure out what is wrong in your Xamarin application.
Debugging is a shortcoming in .NET itself as it doesn’t support sufficient context as to why the token validation failed.
Other things worth looking into:
- The API Identifier needs to be the same value as what you use in Xamarin (AuthConfig.Audience) and you API (Jwt:Audience)
- The issuer needs to be configured correctly on your API (Jwt:Issuer): https://dev-7cdpp4yt.us.auth0.com/
- In the API, under TokenValidationParameters you could try to turn each on of these settings to “false” to try and pinpoint the issue better:
ValidateIssuer = false
ValidateAudience = false
ValidateLifetime = false
ValidateIssuerSigningKey = false
(remember to turn these back on once you’ve found the issue)