Getting access token with audience(my API identifier) defined in my SPA, but aud decoded is still clientID of my SPA

I am using reactjs for front end, hosting on localhost:3000
and localhost:8080 for spring boot backend
I’m doing const token = await getTokenSilently({"audience":"http://localhost:8080/api"});
I also tried by adding audience to context provider when initializing auth0client.
I’m not able to authenticate when accessing api since the audience in the token is still my react SPA clientID.
Anyone know why? Did I configure anything wrong?

Hi @siyuewang.nina,

Welcome to the Community!

Can you DM me your tenant name so I can take a look at your config?


Hi, would it be caused by I’m hosting my SPA on local host? From the documentation I’ve seen,we are not able to use getTokenSilently on localhost. I tried using getTokenWithPopup, and it worked fine, while getTokenSilently returned me an opaque token.

Can you try getTokenSilently({audience:"http://localhost:8080/api"})

Hi if I do that, I’ll get an object that is like:

__raw: “"
given_name: “Siyue”
family_name: “Wang”
nickname: “siyuewang.nina”
name: “Siyue Wang”
picture: “
locale: “en”
updated_at: “2020-04-06T20:52:11.720Z”
email: "

email_verified: true
iss: “
sub: “google-oauth2|113479079528742309735”
aud: “YK3uS2H6qJio7Eh642WhzQHddawvW3AN”
iat: 1586206332
exp: 1586242332
nonce: “e_SaCQCtErJuKOOlDz8Uzq0ClvjpCUQccME5RBMJWBA”

So it doesn’t look like an opaque token, just that your identifier is not coming through correctly. Can you try to register the API as something other than localhost then use that as the aud? for example, https://expenses-api

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.