Hello World Full-Stack Security: React v17/JavaScript + Express.js/JavaScript : Basic Access Control Issue

I am new to Auth0 picking up the flow to integrate in the project I am working on. I am currently just trying out sample code that reflects the stack that I feel comfortable to use following guides and instruction to better understand the process. I am running the full stack code sample “Hello World Full-Stack Security: React v17/JavaScript + Express.js/JavaScript” now I am stuck running around the circle jumping from pages to pages, repos to repos where the materials and approaches are different that led me to confusion.
So, the problem is with sending the access token from SPA to API. The login and logout work fine, including the public page of course. But when it comes to Protected Page where the endpoints are private that validate the access token it is not getting authenticated and just responding with bad credential from API server. I would appreciate it if anyone can please help me out here. Thank you in advance.

Hello there @naya welcome to the community!

That’s great that you’re able to log in and out successfully :slight_smile: In the guide there is a section related to registering an API in Auth0 and obtaining the audience (API Identifier). This audience value needs to be including when configuring both your React App and Express server. Are you able to confirm that both .env files have the same value listed for audience? If you’re able to pull the access token used and decode it at jwt.io and share(sensitive information redacted) here I’d be happy to take a look.

1 Like

Thank you very much for your kind response @tyf
I would be happy to share of course and yes everything is set up accordingly in .env for the Auth0 Domain, Client ID and Audience etc.
Here is the JWT that is return when getAccessTokenSilently() is called on the protected-page

1 Like

No problem, happy to help!

Thanks for sharing the JWT - It looks completely valid to me.

I just tested the sample myself and was unable to reproduce the error you’re seeing. Sounds silly, but I might try setting up the sample again from scratch :confused: Aside from that if you want to DM me your .env files (or the entire project) I’d be happy to take a look!

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.