Cannot see the email in the access token AND userinfo Unauthorized

loras · September 14, 2022, 10:30am

Hi there,
SETUP: python with FASTAPI, most of the code is copied from here: Build and Secure a FastAPI Server with Auth0.
GOAL: I want to be able to recognize/identify the user based on the token attached to the request.

I added the token rules [Add email to access token]: but I cannot see the email in the access token.
I copied the code below from auth0 application test menu.
First problem: I am able to receive the token, verify it (Build and Secure a FastAPI Server with Auth0) but the email is not inside the decoded token.
Second Problem: I cannot get the userinfo, it says I am Unauthorized, despite I am using the access token got directly from Auth0. Am I missing something on the Auth0 dashboard? Something wrong in the code?


import http.client
    import json

    conn = http.client.HTTPSConnection("YOUR_DOMAIN")

    payload = "{\"client_id\":\"CLIENT_ID\",\"client_secret\":\"CLIENT_SECRET1\",\"audience\":\"YOUR_DOMAIN\",\"grant_type\":\"client_credentials\"}"

    headers = {'content-type': "application/json"}

    conn.request("POST", "/oauth/token", payload, headers)

    res = conn.getresponse()
    data = res.read()
    data = json.loads(data.decode("utf-8"))
    access_token = data['access_token']
    result = VerifyToken(token=access_token).verify()
    print(result)
    import requests

   
    url = "https://YOUR_DOMAIN/userinfo"
    headers = {
        'Authorization': f'Bearer {access_token}'
        # 'content-type': "application/json"
    }
    print('headers', headers)
    response = requests.request("GET", url, headers=headers)
    print(response.text)

tyf · September 21, 2022, 12:41am

Hello there @loras welcome to the community!

I apologize for the delayed response, but wanted to check to see if you were able to resolve this issue?

How are you getting the Access/ID Token? The tutorial just grabs the access token from the “test” section of the API settings which is for a client credentials flow and will therefore not be associated with a user and thus have no /userinfo audience (required to use the access token against the userinfo endpoint).

Let us know!

system · November 22, 2022, 10:48pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
How to retrieve access_token for user with only email, client id and client secret? Help management-api , users	2	245	May 7, 2024
Secure a FastAPI Server with Auth0 - Invalid User JWT.io jwt , error , fastapi	5	2891	March 3, 2023
Validating access token and extract useremail and scope Help extensibility , rules-externsibility	2	1831	November 14, 2022
Include email in JWT Help jwt , auth0	7	19558	April 7, 2020
Get User info from his access_token Help jwt , auth0	8	59403	October 28, 2021

Cannot see the email in the access token AND userinfo Unauthorized

Related Topics