I have a problem setting up authentication/authorization along with role-based permissions access control in our application (a traditional Node.js/Express + Pug application). I used the Express OpenID Connect SDK to authenticate users in the app: Auth0 Express SDK Quickstarts: Add Login to your Express App
To implement role-based permissions access control, I used the express-jwt, jwks-rsa and express-jwt-authz npm packages, exactly as described in the Auth0 blog article:
After the login process, I got an error: No authorization token was found 401, because the server receives “cookies: appSession=eyJhbG…”.
This is not a JWT token for authorization on the server. The middleware built using the express-jwt npm package checks the request for a JWT and throws a 401 error.
How can I solve this problem? Do I need to make additional settings to get a JWT token on the server?
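
An added diagnostic example, not part of the original post or of the Auth0 SDKs: it shows why a request that carries only the `appSession` cookie gives a Bearer-token middleware nothing to validate. It assumes the middleware reads only the `Authorization: Bearer` header and that the session cookie is an encrypted five-segment JOSE value; all function names and sample values are constructed.

```javascript
// Added diagnostic example (not from the original post or the Auth0 SDKs).
// Assumption: the JWT middleware reads only "Authorization: Bearer <token>".

// Decode the first segment (protected header) of a compact JOSE value.
function decodeHeader(compact) {
  const seg = compact.split('.')[0].replace(/-/g, '+').replace(/_/g, '/');
  try {
    return JSON.parse(Buffer.from(seg, 'base64').toString('utf8'));
  } catch {
    return null; // first segment is not base64url-encoded JSON
  }
}

// 3 segments = signed JWT (JWS); 5 segments = encrypted value (JWE).
function classifyToken(value) {
  const parts = value.split('.');
  const header = decodeHeader(value);
  if (!header) return { kind: 'opaque', header: null };
  if (parts.length === 3) return { kind: 'jws', header };
  if (parts.length === 5) return { kind: 'jwe', header };
  return { kind: 'opaque', header };
}

// The bearer lookup assumed above: returns the token string or null.
function bearerFrom(headers) {
  const m = /^Bearer\s+(\S+)$/i.exec(headers.authorization || '');
  return m ? m[1] : null;
}

// Report what a JWT-checking middleware would find on a request.
function diagnose(headers) {
  const bearer = bearerFrom(headers);
  if (bearer) return { status: 'token-present', token: classifyToken(bearer) };
  const m = /(?:^|;\s*)appSession=([^;]+)/.exec(headers.cookie || '');
  if (m) return { status: 'session-cookie-only', cookie: classifyToken(m[1]) };
  return { status: 'no-credentials' };
}

// Constructed sample values (not real tokens or cookies).
const b64u = (o) => Buffer.from(JSON.stringify(o)).toString('base64')
  .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
const sampleCookie = `${b64u({ alg: 'dir', enc: 'A256GCM' })}..aXY.Y3Q.dGFn`;
const sampleJwt = `${b64u({ alg: 'RS256', typ: 'JWT' })}.${b64u({ sub: 'u1' })}.c2ln`;

console.log(diagnose({ cookie: `appSession=${sampleCookie}` }));
console.log(diagnose({ authorization: `Bearer ${sampleJwt}` }));
```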