Expired token received for JSON Web Token validation

nakuruhope · May 14, 2024, 2:46am

Using the offiical auth0 nodeJS SDK.

Before we make any management API request, we use the auth0 provided code snippet to get a machine-to-machine access token and new client.

const res = await fetch(`${process.env.AUTH0_ISSUER_BASE_URL}/oauth/token`, {
    method: 'post',
    headers: { 'content-type': 'application/json' },
    body: JSON.stringify({
      client_id: process.env.AUTH0_CLIENT_ID,
      client_secret: process.env.AUTH0_CLIENT_SECRET,
      audience: `${process.env.AUTH0_ISSUER_BASE_URL}/api/v2/`,
      grant_type: 'client_credentials'
    })
  });

  const body = await res.json();

  console.log(body);

  return new ManagementClient({
    token: body.access_token,
    domain: `${process.env.AUTH0_TENANT}.au.auth0.com`
  });

We then try to retrieve user information:

await auth0Client.users.get({ id: auth0Id });

Sometimes this returns us an error message “Expired token received for JSON Web Token validation”. Not sure what else we can do here. Any ideas?

tyf · May 15, 2024, 10:43pm

Hey there @nakuruhope welcome to the community!

Sometimes as in it may throw that error and then proceed to work again? Management API access tokens do have a relatively short lifetime.

system · June 28, 2024, 8:57pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.