This is a follow up to this post, which didn’t get an answer
So the setup is as follows. I have a next.js front end and a .net core backend. The next.js setup was done following the auth0 next.js guide, and there’s no mention of setting up an audience config in that guide. When the token is sent to the sever it can’t be validated.
- Can confirm on the .net backend the audience matches the one on the dashboard. -.net config screenshot 2023-06-13_13-05-34.png -dashboard screenshot 2023-06-13_13-07-52.png
- No checking of scopes, just checking access token.
One thing to note is if I paste the user.accessToken into this site https://jwt.io/, I get an invalid token error 2023-06-13_13-10-26.png
If I paste the user.IdToken it checks out valid… so why would that be? Here’s an example of the access token ‘eyJhbGciOiJkaXIiLCJlbmMiOiJBMjU2R0NNIiwiaXNzIjoiaHR0cHM6Ly9kZXYtc3c2MmxnNGE1cHVnc3ZtZy51cy5hdXRoMC5jb20vIn0…ypBsUKEiPtLuMm0E.bUvttx6EtALPkGWwMeuWupSFRUC2j8kgDbcrVD5GL7sfqtKLK-Q71lnt-Enw1lw2-rkV4uLVJzgqmsXjjWFvTA8boItW7VzM9mvboawkKirq2zEmQNz_wPbHeysp0_uMR12iCHs7FFoDYykWmjCO_iMO3DWqNwq4q_AD2iqcvfQQDBSx0ymw-PVUcnBFuAeDzV5-yJ_qS8knyfwo3IS6ufEYuEfhrX8jEpbplLMlsAspnNWL9CMNnZcsCxEpEzNXXqklwvHGnuredRSirsUJX4ty22IFhC8296nWLkXzGv66kMDt0ttRICQFqvX7TtVWDM9xSPDupAdLuLdxF23_yYt4ulQaVJc.-EEbiuZhXK6PPEWlok7DyA’