Cannot read headers on tokens

lightscalar · October 15, 2020, 8:12pm

I have a Vue.js SPA and is trying to communicate with a Python (FastAPI) backend API. Unfortunately, I am unable to decode the token headers.

In particular, the line

unverified_header = jwt.get_unverified_header(token)

is failing with an error,

jose.exceptions.JWTError: Error decoding token headers.

I am getting the token on the clientside with a call to:

const token = await this.$auth.getTokenSilently();

as indicated in the documentation. However, the token which this generates (and which is successfully passed to the Python side" looks something like,

R4TKoadKGx5YOgiggTNqr0xAEwFHm4Xg

Which looks not much like JWTs that I’ve worked with previously. Am I missing something here?

Thanks,

sidharth.chaudhary · October 15, 2020, 10:09pm

Hey @lightscalar, Welcome to the Auth0 Community!

This looks like an opaque access token:
Opaque token is a form of Access token which is provided if you have not added an “Audience” Parameter in the /authorize request. If you add an audience parameter it will provide you a JWT token. Without audience it will be an opaque token

konrad.sopala · October 16, 2020, 1:32pm

Thanks Sidharth for providing the explanation on the difference of those.

system · October 31, 2020, 1:33pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Vue SPA / Python API Help auth0	2	3361	November 27, 2019
Decode access_token? Help	4	22785	June 25, 2021
Having trouble with SPA application Help	1	1147	October 14, 2022
Unable to decode access_token given on login Help apis , application	2	371	May 17, 2024
Cannot Decode Access Token or "Corrupted JWT" Knowledge Articles	1	1126	August 3, 2023

Cannot read headers on tokens

Related Topics