I’ve been trying to validate a token with the code below, and I get the message “jwt.exceptions.InvalidAlgorithmError: The specified alg value is not allowed”. I also put the token in https://jwt.io/ and it says that there’s an invalid signature. But I can send the token to the userinfo endpoint, /userinfo, and I get my user info. Just trying to figure out why it appears to not be an RS256 encoded token. I looked through my advanced settings for my app and it says it’s RS256. I still get the same error message in the code below if I put “A256GCM” in “algorithms” in the code below. But that’s what jwt.io says it is.
Yes, that was the case. Got help from Auth0 support and got it sorted out. Got some example code working right away, but getting it to work in my code was not as easy. But I eventually got it working. Thanks.