Help Troubleshooting cause of 401 Angular => .NET Core API

dapperdandev · April 18, 2018, 4:46pm

My API is sending 401 errors to my client.

I can login to my live api from my local client
and local api from my local client.

but not live api from live client

// Angular - auth.service.ts

  auth0 = new auth0.WebAuth({
    clientID: 'myClientId',
   domain: 'toucantesting.auth0.com',
   responseType: 'token id_token',
   audience: '//api.toucantesting.com',
   redirectUri: environment.baseUrl, // <-- 'http://app.toucantesting.com/'
   scope: 'openid'
});

// .NET Core - Startup.cs

            services
        .AddAuthentication(options =>
        {
            options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
            options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
        }).AddJwtBearer(options =>
        {
            options.Authority = "https://toucantesting.auth0.com/";
            options.Audience = "https://api.toucantesting.com";
        });

Everything appears to be correct in my Callback URLs. It seems to be something with audience, but that’s a wild guess and various changes to that has had no effect.

Any thoughts? Has anyone had similar problems?

dapperdandev · April 18, 2018, 5:02pm

No response body. Just headers:

HTTP/1.1 401 Unauthorized
Server: Kestrel
WWW-Authenticate: Bearer
Access-Control-Allow-Origin: *
X-Powered-By: ASP.NET
Set-Cookie: ARRAffinity=04a7cda4b156c78478c2b7a8498523cfc842d89deafb21bbe1db1d7bab8b73d0;Path=/;HttpOnly;Domain=api.toucantesting.com
Date: Wed, 18 Apr 2018 16:42:22 GMT
Content-Length: 0

kimcodes · September 6, 2018, 12:27pm

@dapperdandev were you able to solve your issue? you might need to include the full path in your audience parameter.