Empty JWT payload in accessToken is not valid

Hello,
I’m using react sdk, the login works and I get an accessToken. But when I want to use this accessToken with my backend (C#) it doens’t work. When I check the token using jwt.io I get the warning “Looks like your JWT payload is not a valid JSON object. JWT payloads must be top level JSON objects as per
RFC 7519 - JSON Web Token (JWT)

I already have the api audience in the login call:
loginWithRedirect({
authorizationParams: {
audience: “http://localhost:5268/
},
});

And then I use “getAccessTokenSilently” to get the access token. And finally I add the access token as a bearer token to the api request.

This is my accessToken:
eyJhbGciOiJkaXIiLCJlbmMiOiJBMjU2R0NNIiwiaXNzIjoiaHR0cHM6Ly9kZXYtZ2ZpcmNlNHUwZ2loMGd2dy51cy5hdXRoMC5jb20vIn0…5OCR8HUSoFSYd3x6.OrLuo7JOeBj9GetnupHMYefcSu-WnePkhfRzk-efCapjLfbPM8sTDwZS3HeOVMI1uaDKPKbt7ilnuLBDSVo747KVTiMFulRJJhXFM69VMHw6xP5v_6rP0LII_CZjEY3PTZHrmWEL9DkKpOzewLEhNf2h3KIPHn6RW8Txb9SWh7N1WOU_XGaCz19Fuye-rDT_n6MfAH3pyjYBFXFKpwvK8W1zheMYpG8d7fdaOdsYV8wq-ApnDs0kKFhUGz__xINT2alFPuuLlAAnhogLphHFMgQ4ONboOtIk1Oj1z1lT3WQcIBQFf8X6LcQCWNvYjSURxlPG60x5OFXrFYcfZ-mPSeOX.8tHPP63eddlX6VlI7qraVg

What am I missing? How can I get a valid accessToken with a valid JSON as a payload?

Anyone from the auth0 can reply to this thread?

Hey @alex2020 welcome to the community!

I just glanced at your tenant and it looks like http://localhost:5268/ is indeed registered properly in Auth0. It sounds like this is the access token you are getting via auth0-react in your own app? Have you attempted to reproduce using the sample app? I just created an API with the same identifier and am getting a valid non-opaque access token back in the sample app. I recommend giving it a go as it will remove any application specific variables that might be in play here.

Let us know!

Thanks for your suggestion @tyf.
I tried it with the sample app and it worked. The difference between the sample app and my app was that I was passing the audience to the loginWithRedirect method while the sample app passed this value to the Auth0Provider. After I did this change in my app it started working.
The documentation on this is not very clear but at least it’s working now :slight_smile:
Thanks for your help!

Ahh, gotcha - Thanks for clarifying! That’s odd that it wasn’t working with loginWithRedirect as I believe it should given it’s passed in authorizationParams. Regardless, I’m happy to hear you got it working and sorry for the confusion!

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.