Auth0 single page app keeps using HS256

jacek.kruzel · July 27, 2022, 10:47am

Hello Community

I have a problem with newly created auth0 app. I have created fresh single page app. It is configured to use RS256 signing algorythm. For some reason though despite the settings access tokens keep beeing signed with HS256. Intrestingly enough id tokens are signed with RS256 as expected. Any advices?

john.gateley · July 27, 2022, 12:57pm

Hi @jacek.kruzel

If I understand correctly: your ID token is a RS256 signed token, but your access token is a HS256 token, correct?

The ID token algorithm is in the advanced settings of your app.
The access token algorithm is in the settings of your API (which you specified the audience for to get the access token). Check that, it is set to HS256.

John

konrad.sopala · March 23, 2023, 9:55am

Previous message deleted due to SPAM reasons.

Topic		Replies	Views
Authorization API signs JWTs as RS256 when HS256 is selected Help token , rs256 , hs256 , algorithm	7	11415	March 2, 2018
Expected the ID token to be signed with HS256 JWT.io jwt	1	4266	October 9, 2021
Auth0 lock client returns hs256 but need a rs256 Help rs256 , auth0-lock , hs256	3	4869	March 2, 2018
id_token retrieved in RS256 instead of HS256 (Auth0, Swift) Help auth0 , rs256 , hs256 , authorization , swift	2	5005	March 2, 2018
Receiving HS256 signing algorithm instead of RS256 Help auth0 , access_token , rs256 , aspnet-core , hs256	5	8549	March 2, 2018

Auth0 single page app keeps using HS256

Related Topics