Hello, I’m using Auth0 to allow users to log in with Google SSO in a Next.js application. I need to validate the user with the backend of the application. That being said, Auth0 is returning an opaque access token even though I have included https://{tenant}.auth0.com/api/v2/ as the AUTH0_AUDIENCE .env variable (which is in turn being included as a query param to the /authenticate endpoint). How can I ensure that the payload of the JWT is not empty?
Here’s the code that I’m using to parse the access token on the backend:
Thank you for your response. I am following up for @tyf.
I have just tested getting an Access Token with Next.js and did not experience any issues.
To investigate this issue further, could you please provide me the exact /authorize URL request you made and send it to me via direct messages?
For the moment, the URL you shared in this reply has obfuscated your tenant name. I would like to make sure that the request and your tenant settings are correct.
Thank you for your updates. I have responded in our direct messages together with the provided solution. I am going to share the solution with the rest of the Community.
In essence, whenever the audience parameter is omitted in the login request, the token generated will be opaque. To get a JWT access token you must pass an audience parameter in the login request. For more information, I recommend reading our Get Access Tokens documentation.
For clarity, the /authorize request should look something like the following:
Hey Rueben - I have already confirmed that, please read the above messages and our private thread. I have started implementing Frontegg and will move forward with their product if we are unable to resolve this issue before I finish.
The issue was that the application was not granted access to the Management API. In most cases, if the token is opaque, then there was no audience passed into the call. Here is some documentation describing this.
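A structural check for the two symptoms discussed in this thread, added here as an example and not taken from any post or from Auth0's own code: it reports whether a login request URL carries the audience parameter and whether a returned access token is a three-part JWT or opaque. The function names, the tenant `example-tenant`, the client id placeholder and the sample tokens are all constructed for illustration.

```javascript
// Added diagnostic example. Function names, tenant and client id are constructed.
const b64url = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64')
  .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');

// Decode one base64url segment into a JSON object, or null if it is not one.
function decodeSegment(seg) {
  if (!/^[A-Za-z0-9_-]+$/.test(seg)) return null;
  try {
    const b64 = seg.replace(/-/g, '+').replace(/_/g, '/');
    const obj = JSON.parse(Buffer.from(b64, 'base64').toString('utf8'));
    return obj && typeof obj === 'object' && !Array.isArray(obj) ? obj : null;
  } catch (e) {
    return null;
  }
}

// Classify by structure only: three segments with a JSON header and payload is
// a signed JWT; any other shape is treated as opaque. No signature check here.
function classifyAccessToken(token) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return { kind: 'opaque' };
  const header = decodeSegment(parts[0]);
  const payload = decodeSegment(parts[1]);
  if (!header || !payload || typeof header.alg !== 'string') return { kind: 'opaque' };
  return { kind: 'jwt', alg: header.alg, aud: [].concat(payload.aud || []) };
}

// Report whether a login request URL carries the audience parameter.
function checkAuthorizeUrl(url) {
  const u = new URL(url);
  const audience = u.searchParams.get('audience');
  return { path: u.pathname, audience, hasAudience: Boolean(audience) };
}

// Constructed samples (not real tokens or tenants).
const API = 'https://example-tenant.auth0.com/api/v2/';
const BASE = 'https://example-tenant.auth0.com/authorize?response_type=code' +
  '&client_id=CLIENT_ID_PLACEHOLDER&scope=openid%20profile';
const URL_WITHOUT_AUDIENCE = BASE;
const URL_WITH_AUDIENCE = BASE + '&audience=' + encodeURIComponent(API);
const SAMPLE_JWT = [b64url({ alg: 'RS256', typ: 'JWT' }),
  b64url({ aud: API, sub: 'constructed|user' }), 'c2lnbmF0dXJl'].join('.');
const SAMPLE_OPAQUE = 'constructed-opaque-token-value';

console.log(checkAuthorizeUrl(URL_WITHOUT_AUDIENCE), classifyAccessToken(SAMPLE_OPAQUE));
console.log(checkAuthorizeUrl(URL_WITH_AUDIENCE), classifyAccessToken(SAMPLE_JWT));
```

Once the token is a JWT, the backend still has to verify its signature, issuer and `aud` with a JWT library before trusting anything in the payload; this check only inspects the token's shape.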