Hello, I’m using Auth0 to allow users to login with Google SSO in a nextjs application. I need to validate the user with the backend of the application. That being said, auth0 is returning an opaque access token even though I have included https://{tenant}.auth0.com/api/v2/
as the AUTH0_AUDIENCE
.env variable (which is in turn being included as a query param to the /authenticate
endpoint). How can I ensure that the payload of the JWT is not empty?
Here’s the code that I’m using to parse the access token on the backend:
export async function getUser() {
const sessionCookies = await cookies();
const token = sessionCookies.get('appSession');
if (token == null) {
redirect('/api/auth/login');
}
return jwt.decode(token['value'], process.env.AUTH0_CERT);
}
This function returns null
because the JWT payload is empty.
Collin