Having trouble with SPA application

martin.phee · October 13, 2022, 4:50pm

I’m following the guide for React based app but the token I’m getting is failing to be decoded on the backend. I’m getting
‘The token was expected to have 3 parts, but got 5.’

I try plugging in the token into jwt.io, and it can’t verify it either.

I’m logging in fine and using
const token = await getAccessTokenSilently() on the front-end to get the token for the
Authorization header.

martin.phee · October 14, 2022, 7:13am

I think I figured this out. I added audience to the client and the backend and not we get a typical JWT on the backend.

Previously we got an encrypted JWT.
What would be the typical pattern for a backend service with an Encrypted JWT? There’s no way to decrypt it without the keys. Is there an Auth0 API to call?