Hello Thomas, thank you for your reply (and pardon my delay in getting back).
That extra single quote was an accidental typo in my forum post only, so unfortunately that is not it. I’ve confirmed the settings while reviewing pages like your guys’ react/graphql/apollo article and I can’t seem to find what is amiss.
Just to confirm: on the client side, the audience is the API identifier given by a separate API application created in the Auth0 dashboard (looks like “https://api.myappdomain.com”).
On the server side, my audience is the AUTH0_CLIENT_ID (as indicated in above article) found in my Web Application created in Auth0 dashboard and issuer is my auth0 domain (e.g. myappdomain.auth0.com). Interestingly, on another article of yours regarding express/auth0, it says to set audience as YOUR_API_IDENTIFIER which is different. I’ve tried both ways (and other various tests) and I am still getting the below error in the server:
{ JsonWebTokenError: invalid token
at Object.module.exports [as verify] (/home/gary/development/myapp/api/node_modules/jsonwebtoken/verify.js:75:17)
at ApolloServer.context (/home/gary/development/myapp/api/src/index.js:67:7)
at ApolloServer.<anonymous> (/home/gary/development/myapp/api/node_modules/apollo-server-core/src/ApolloServer.ts:737:24)
at Generator.next (<anonymous>)
at fulfilled (/home/gary/development/myapp/api/node_modules/apollo-server-core/dist/ApolloServer.js:5:58)
at process._tickCallback (internal/process/next_tick.js:68:7) name: 'JsonWebTokenError', message: 'invalid token' }
I’ve checked again and as I indicated in my first post, the server IS receiving the token from the client as shown in first post (with the "Bearer " prefix) and that’s what I give as my first argument in jwt.verify(). Any help is very much appreciated.