From the looks of it, you aren’t passing an audience in the request to /token and are thus receiving an opaque access token - If you add in an audience param (API identifier) you should be good to go.
Thanks @tyf
I have updated the request to include audience as a query string parameter. As postman doesn’t seem to support that natively.
This article seems to suggest this is the correct solution.
However, I am still getting an opaque token.
I have read the article that you posted and double-checked that I am doing as it suggests. I am so lost on what to do next. As nothing I tweek seems to work.
Hmmm that’s super odd I just tested in Postman myself, adding the audience param in the “Token Request” section and it’s working as expected. Can you double check that the audience you are passing is the exact same as the API Identifier listed for the API you’ve registered in Auth0? Additionally, it might be worth trying to cURL outside of Postman to see if that works.
@tyf firstly, please don’t apologise for the slow response. I really appreciate your help.
Secondly, adding the audience to the Token Request section as a Request body parameter did mean I got back a non-opaque token. However, my API won’t accept it as it says it has the wrong audience. I am going to create a new topic about that, and I will link to it here.
I just tested in Postman myself, adding the