Cannot see the email in the access token AND userinfo Unauthorized

Hi there,
SETUP: Python with FastAPI, most of the code is copied from here: Build and Secure a FastAPI Server with Auth0.
GOAL: I want to be able to recognize/identify the user based on the token attached to the request.

I added the token rules [Add email to access token], but I cannot see the email in the access token.
I copied the code below from the Auth0 application test menu.
First problem: I am able to receive the token and verify it (Build and Secure a FastAPI Server with Auth0), but the email is not inside the decoded token.
Second problem: I cannot get the userinfo; it says I am Unauthorized, even though I am using the access token I got directly from Auth0. Am I missing something on the Auth0 dashboard? Is something wrong in the code?


    import http.client
    import json

    import requests

    # VerifyToken is the helper class from the "Build and Secure a FastAPI
    # Server with Auth0" tutorial; import it from your own project module.

    conn = http.client.HTTPSConnection("YOUR_DOMAIN")

    # Client credentials grant request, as copied from the Auth0 test menu
    payload = "{\"client_id\":\"CLIENT_ID\",\"client_secret\":\"CLIENT_SECRET1\",\"audience\":\"YOUR_DOMAIN\",\"grant_type\":\"client_credentials\"}"

    headers = {'content-type': "application/json"}

    conn.request("POST", "/oauth/token", payload, headers)

    # Read the token response and extract the access token
    res = conn.getresponse()
    data = res.read()
    data = json.loads(data.decode("utf-8"))
    access_token = data['access_token']

    # Verify the token and print the decoded claims
    result = VerifyToken(token=access_token).verify()
    print(result)

    # Call /userinfo with the same access token
    url = "https://YOUR_DOMAIN/userinfo"
    headers = {
        'Authorization': f'Bearer {access_token}'
        # 'content-type': "application/json"
    }
    print('headers', headers)
    response = requests.request("GET", url, headers=headers)
    print(response.text)

Hello there @loras welcome to the community!

I apologize for the delayed response, but wanted to check to see if you were able to resolve this issue?

How are you getting the Access/ID Token? The tutorial just grabs the access token from the “test” section of the API settings which is for a client credentials flow and will therefore not be associated with a user and thus have no /userinfo audience (required to use the access token against the userinfo endpoint).

Let us know!
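
An added example (not part of the original thread or the Auth0 tutorial): a diagnostic that decodes an access token's payload and reports the two conditions described in the reply above. The domain `tenant.example`, the sample tokens and the function names are constructed for illustration; `gty` and the `@clients` subject suffix are the markers Auth0 puts on client credentials tokens.

```python
import base64
import json


def jwt_claims(token: str) -> dict:
    """Decode a JWT payload WITHOUT verifying the signature (diagnosis only)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a JWT (possibly an opaque access token)")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))


def userinfo_problems(token: str, domain: str) -> list:
    """Return the reasons this token cannot identify a user via /userinfo."""
    claims = jwt_claims(token)
    aud = claims.get("aud", [])
    aud = [aud] if isinstance(aud, str) else aud  # aud may be a string or a list
    problems = []
    is_m2m = (claims.get("gty") == "client-credentials"
              or str(claims.get("sub", "")).endswith("@clients"))
    if is_m2m:
        problems.append("client credentials token: sub is the application, not a user")
    if f"https://{domain}/userinfo" not in aud:
        problems.append("aud does not include the /userinfo audience")
    return problems


def _make_token(claims: dict) -> str:
    """Build an unsigned, constructed sample token for the demo below."""
    def enc(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return f"{enc({'alg': 'none', 'typ': 'JWT'})}.{enc(claims)}.sig"


# Constructed samples: one machine-to-machine token, one user token.
M2M_TOKEN = _make_token({"sub": "abc123@clients", "gty": "client-credentials",
                         "aud": "https://api.tenant.example"})
USER_TOKEN = _make_token({"sub": "auth0|user1", "scope": "openid profile email",
                          "aud": ["https://api.tenant.example",
                                  "https://tenant.example/userinfo"]})

if __name__ == "__main__":
    for name, tok in (("m2m", M2M_TOKEN), ("user", USER_TOKEN)):
        print(name, userinfo_problems(tok, "tenant.example") or "usable with /userinfo")
```

Signature verification still belongs in the API itself; this check only explains why a verified token carries no user identity.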
