Hey
According to this notification from 3 months ago
" Action Required: Tokens signed using the HS256 Algorithm will no longer be accepted by the Management AP"
we are trying to solve this issue for a while.
we are using a test application in Management API with RS256.
now it failed on the server side - JWT authentication.
we have this route:
router.use(“*”, signedJwt, middleware);
something with signedJwt detention is not working
const signedJwt = jwt({
secret: Buffer.from(AUTH0.secret, “base64”),
audience: AUTH0.audience,
})
in audience, we put the client_id
it was worked before.
class AuthService extends EventEmitter {
constructor(clientId, domain) {
super();
this.config = [clientId, domain];
this.auth = new auth0.WebAuth({
clientID: this.config[0],
domain: this.config[1],
});
this.lock = new Auth0Lock(this.config[0], this.config[1], LOCK_OPTIONS);
}
initLock() {
this.lock.on(“authenticated”, this._doAuthentication);
this.lock.on(“authorization_error”, this._authorizationError);
}
the authResult in _doAuthentication doesn’t contain “idToken”
I would appreciate your help!