Converting from ID Token to Access Token in "Single-Page App"


I have inherited a “single-page app” which uses an Auth0 ID Token to connect to Hasura. I would like to, instead, use an Auth0 Access Token.

I’ve written code to create the Access Token, via the useAuth0 hook from '@auth0/auth0-react’, and added the Access Token pipeline rule in Auth0 config, but Hasura returns “Could not verify JWT: JWSError CompactDecodeError Invalid number of parts: Expected 3 parts; got 5”.

The ID Token continues to work with Hasura without issue.

Hello @steve.steinitz welcome to the community!

While I’m not familiar with Hasura myself, I looked this tutorial and judging on the error you’re seeing am guessing it is an issue having to due with than opaque access token. Check out the “create an API” section in that tutorial as it outlines the steps you need to take in order to receive a JWT rather than the aforementioned opaque access token.

Keep us posted!

Hi @tyf

Thanks for your reply. Yes, your opaque-vs-JWT-Access–Token idea makes sense. Thanks for a direction for focus.

The tutorial you reference has a lot of Hasura-specific information which confuses the issue slightly - for me, anyway. My perception is I’m doing what tutorial says. Is there a tutorial from Auth0 with a tighter focus on creating a JWT Access Token? If so, great, if not I’ll separate the wheat from the chaff in the Hasura tutorial.

I’ll also raise the question on the Hasura forum.

Thanks again for your reply. I’ll report any discoveries.

1 Like

No problem, happy to help!

You basically just need to include an audience parameter in the /authorize request one way or another. The following FAQs go into this in more detail if you’re curious: