The token does contain the audience you are requiring; the only thing weird is that you’re using https://p-jankowski.eu.auth0.com/api/v2/ audience which is associated with the Auth0 Management API and as such should not be used to represent your own API, however, technically for the issue at hand that does not seem the explanation. In addition, I don’t know for certain but given the token only has the openid scope if the API is making additional requirements on scopes then this could be an issue.