Auth0 Never Sends me an API Access Token for Audience

Auth0 login for my React SPA works well !

But on a further call, the access token I receive from Auth0 doesn’t correspond to my API audience parameter.

My Auth0 API is configured with an audience of https://api.admin.app.com

I’ve set up permissions and roles, and the user is assigned the role (and therefore the permission that’s requested below).

When the user navigates to a specific page, the front end calls:

const token = await getAccessTokenSilently({
  audience: 'https://api.admin.app.com',
  scope: 'read:accounts'
});

And i do receive a token in response. However when I decode the token on jwt.io the audience and scope are not correct!

{
  "iss": "https://dev-e3***hidden***ev.us.auth0.com/",
  "sub": "auth0|67***hidden***0f",
  "aud": [
    "https://dev-e3***hidden***ev.us.auth0.com/api/v2/",
    "https://dev-e3***hidden***ev.us.auth0.com/userinfo"
  ],
  "iat": 1750119759,
  "exp": 1750206159,
  "scope": "openid profile email read:current_user",
  "azp": "bd***hidden***0S"
}

So it looks like I’m getting back an access token for the management API and not for my custom API?

Hi @evan7

Welcome to the Auth0 Community!

Thank you for posting your question. Can you try to get the access token with this change:

const token = await getAccessTokenSilently({
  authorizationParams: {
    audience: 'https://api.admin.app.com',
    scope: 'read:accounts' 
  },
});

Thanks
Dawid

Thank you @dawid.matuszczyk for your assistance!

I’ve made the change you suggested, and I think I’m on the right track now. I’m receiving however a Consent Required error during the getAccessTokenSilently method call.

If you have any suggestions on that it would be much appreciated!

Edit: To be clear, the error is not followed by a consent dialog. I assume it’s because I’m using a “silent” method call.

Edit: I caught the error and used theloginWithPopup method to handle the consent grant. It’s working well now!

Thank you!