Hello,
i followed this auth0 tutorial successfully, to integrate a log in functionality to a django application. Now i want to get a jwt Bearer token after a user logs in, to call a REST API, which accepts that token for authorization.
My question is: How do i obtain that token?
I managed to find an access token under
access_token = user.social_auth.get(provider=‘auth0’).extra_data[‘access_token’]
but it is not a jwt token.
Hi @niko_bele,
It sounds like you might be getting an opaque access token back as you have not specified an audience. This opaque token is designed to be only used with the Auth0 /userinfo endpoint and cannot be validated by other APIs.
For a custom API, make sure you have specified the API identifier as the audience in your authorize request - https://auth0.com/docs/tokens/access-tokens/get-access-tokens#control-access-token-audience
With a valid audience you should see a JWT access token, if you are using the Quickstart you should be able to set this by adding a line to the .env file:
AUTH0_AUDIENCE=<YOUR_API_IDENTIFIER_HERE>
If you haven’t already, you should add your API to your Auth0 tenant like shown here, this will allow Auth0 to generate tokens meant for your API.
Hello @sgo
adding the audience solved the issue. Thank you very much.
I am extracting the token like this:
response.user.social_auth.get(provider=‘auth0’).extra_data[‘access_token’]
is it possible to extract the id_token as jwt in a similiar way?
This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.