Auth0 single page app keeps using HS256

jacek.kruzel · July 27, 2022, 10:47am

Hello Community

I have a problem with newly created auth0 app. I have created fresh single page app. It is configured to use RS256 signing algorythm. For some reason though despite the settings access tokens keep beeing signed with HS256. Intrestingly enough id tokens are signed with RS256 as expected. Any advices?

john.gateley · July 27, 2022, 12:57pm

Hi @jacek.kruzel

If I understand correctly: your ID token is a RS256 signed token, but your access token is a HS256 token, correct?

The ID token algorithm is in the advanced settings of your app.
The access token algorithm is in the settings of your API (which you specified the audience for to get the access token). Check that, it is set to HS256.

John

konrad.sopala · March 23, 2023, 9:55am

Previous message deleted due to SPAM reasons.

Topic		Replies	Views
Authorization API signs JWTs as RS256 when HS256 is selected Help token , rs256 , hs256 , algorithm	7	11438	March 2, 2018
Expected the ID token to be signed with HS256 JWT.io jwt	1	4277	October 9, 2021
Auth0 lock client returns hs256 but need a rs256 Help rs256 , auth0-lock , hs256	3	4872	March 2, 2018
Suddenly RS256 tokens generated from HS256 apps Help jwt , auth0	11	3329	March 28, 2020
id_token retrieved in RS256 instead of HS256 (Auth0, Swift) Help auth0 , rs256 , hs256 , authorization , swift	2	5010	March 2, 2018

Auth0 single page app keeps using HS256

Related topics