Hello, I am configuring the back-channel and in my code (node.js 18.x) I am trying to decode the JWT that I receive through the request (logout_token), I am having problems with the “issuer”.
I am dealing with the two urls of auth0:
issuer: custom domain
issuer: https://{organization}.{code}.auth0.com
// get remote key set for token verification
const JWKS = jose.createRemoteJWKSet(
new URL(`https://${process.env.ISSUER_URL}/.well-known/jwks.json`)
);
const { payload } = await jose.jwtVerify(logoutToken, JWKS, {
issuer: process.env.ISSUER_URL + '/',
audience: process.env.CLIENT_ID,
typ: 'JWT',
maxTokenAge: '2 minutes'
});
and this is the error:
Error on back channel logout: JWTClaimValidationFailed: unexpected "iss" claim value.
code: 'ERR_JWT_CLAIM_VALIDATION_FAILED',
claim: 'iss',
reason: 'check_failed'