GitHub API Fetch Repositories Failing with 401 Unauthorized in Auth0 Integration

I’m currently working on a React application where I’m integrating Auth0 for authentication, including GitHub login. I want users to log in via GitHub and then display their repositories on the home screen by fetching them from the GitHub API.

Problem:

The access token is being successfully generated when I authenticate via GitHub, but when I attempt to fetch the repositories using the token, I get a 401 Unauthorized error from the GitHub API.

Upon verifying the github token in jwt.io it seems that token signature is invalid.

Auth0 Settings:

I’ve configured the GitHub connection in Auth0 to use repo scope.

GitHub Developer Settings:

The GitHub OAuth App is set up with the correct Client ID and Client Secret in Auth0. The OAuth app is requesting the repo scope and is registered in the GitHub Developer settings.

Questions:

Why is the GitHub API returning a 401 Unauthorized when the access token seems to be generated correctly?

Are there any additional settings I need to configure in Auth0 or GitHub to ensure the repo scope is included in the access token?

please refer to this repository for code - GitHub - Sourish2003/react_app

Hi @sourish666,

Welcome to the Auth0 by Okta Community!

It sounds like you are running into issues with the GitHub Social Connection.

This error could be caused by an incorrectly configured Allowed Callback URL. It should be configured as https://YOUR_DOMAIN/login/callback.

If you are still receiving a 401, it may be due to incorrectly configured permissions for the user during login. This link shows how to add those scopes to the user: https://auth0.com/docs/authenticate/identity-providers/adding-scopes-for-an-external-idp

For further guidance on configuring the GitHub connection in Auth0, you can refer to this link: (https://marketplace.auth0.com/integrations/github-social-connection).

Please let me know if you have any further questions.

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.