Yes, I’ve followed the guide. All other pre-defined endpoints work fine except /auth/access-token
Here are the .env vars saved:
AUTH0_SECRET={SECRET}
APP_BASE_URL=http://localhost:3000
AUTH0_DOMAIN=dev-rmhdvcklahazorlu.us.auth0.com
AUTH0_CLIENT_ID={CLIENT_ID}
AUTH0_CLIENT_SECRET={CLIENT_SECRET}
AUTH0_AUDIENCE=https://api.qhsse.com
AUTH0_SCOPE=openid profile email
Here is my code snippet from lib/auth0-token.ts
import { auth0 } from "./auth0";
export async function fetchAccesstoken() {
try {
const session = await auth0.getSession();
if (!session) {
throw new Error("Not authenticated");
}
const { token: accessToken } = await auth0.getAccessToken();
return { accessToken };
} catch (error: any) {
return { error: error.message, status: error.status || 500 };
}
}
Calling this const accessToken = await fetchAccesstoken(); console.log('sample',accessToken)
Always returns a JWE token, It seems, I’m not allowed to pass the AUTH0_AUDIENCE param when calling getAccessToken in ver.4.x + of next.auth0
I’ve also tried the same by cloning the provided example project:
and applying my .env variables but this also still results the same issue.
Am I missing something here? perhaps in the auth0.dashboard?
I’ve also authorised the app from the API settings (machine to machine applications) and also ensured that the option to pass JWE Encrypting the signed access_token issued for this API is ‘Disabled’
But its still passing a JWE token instead of a JWT. (Which is not possible for me to handle in the Backend)