Cannot read headers on tokens

I have a Vue.js SPA and is trying to communicate with a Python (FastAPI) backend API. Unfortunately, I am unable to decode the token headers.

In particular, the line

unverified_header = jwt.get_unverified_header(token)

is failing with an error,

jose.exceptions.JWTError: Error decoding token headers.

I am getting the token on the clientside with a call to:

const token = await this.$auth.getTokenSilently();

as indicated in the documentation. However, the token which this generates (and which is successfully passed to the Python side" looks something like,

R4TKoadKGx5YOgiggTNqr0xAEwFHm4Xg

Which looks not much like JWTs that Iā€™ve worked with previously. Am I missing something here?

Thanks,

1 Like

Hey @lightscalar, Welcome to the Auth0 Community!

This looks like an opaque access token:
Opaque token is a form of Access token which is provided if you have not added an ā€œAudienceā€ Parameter in the /authorize request. If you add an audience parameter it will provide you a JWT token. Without audience it will be an opaque token

2 Likes

Thanks Sidharth for providing the explanation on the difference of those.

1 Like

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.