Getting UnauthorizedError: jwt malformed

Hey :slightly_smiling_face:
According to this notification from 3 months ago
" Action Required: Tokens signed using the HS256 Algorithm will no longer be accepted by the Management AP"
we are trying to solve this issue for a while.
we are using a test application in Management API with RS256.
now it failed on the server side - JWT authentication.

we have this route:
router.use(“*”, signedJwt, middleware);

something with signedJwt detention is not working
const signedJwt = jwt({
secret: Buffer.from(AUTH0.secret, “base64”),
audience: AUTH0.audience,

in audience, we put the client_id

it was worked before.

class AuthService extends EventEmitter {
constructor(clientId, domain) {

this.config = [clientId, domain];
this.auth = new auth0.WebAuth({
  clientID: this.config[0],
  domain: this.config[1],
this.lock = new Auth0Lock(this.config[0], this.config[1], LOCK_OPTIONS);


initLock() {
this.lock.on(“authenticated”, this._doAuthentication);
this.lock.on(“authorization_error”, this._authorizationError);

the authResult in _doAuthentication doesn’t contain “idToken”

I would appreciate your help!