I have a webapp with two different logins: 1. Username-password 2. Social login with Google. For username-password, I get a JWT, and on API calls to my backend I decode it using JWKs. For social login, I get a JWE.
Below is my code to decode the token.
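    # Read the header without verifying the signature, only to find the key ID.
    unverified_header = jwt.get_unverified_header(token)
    print(unverified_header)
    kid = unverified_header["kid"]
    # Fetch the matching public key from the tenant's JWKS.
    public_key = Auth0().get_public_key(kid)
    # Verify the signature and validate the audience and issuer claims.
    payload = jwt.decode(
        token,
        public_key,
        algorithms=["RS256"],
        audience=audience,
        issuer=issuer,
    )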
Log of unverified_header for username-password:
    {'alg': 'RS256', 'typ': 'JWT', 'kid': 'kid_value'}
Log of unverified_header for social login:
    {'alg': 'dir', 'enc': 'A256GCM', 'iss': ''}
How can I change JWE to JWT for social login?
Hi @aayesha.shrestha
Welcome to the Auth0 Community!
Thank you for posting your question. Please check our knowledge solution regarding getting a JWT instead of a JWE → How to Stop Getting JWEs when JWT is Required
I hope this will help you!
Dawid
Hi @dawid.matuszczyk, thanks for the quick reply. It looks like I am doing the same thing as mentioned in the knowledge solution. And for username-password login, it works fine. However, the issue is only in social login, where it gives a JWE. Is there anything different that needs to be done for social login?
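An added example, not code from the thread or from Auth0: a standard-library check a backend could run before `jwt.decode()` to tell a signed JWT (JWS) from a JWE using the two headers logged above, so the encrypted token is rejected with a clear error instead of failing on the missing `kid`. The function names and sample tokens are hypothetical and constructed here; the check classifies the token only and does not verify any signature.

```python
import base64
import json


def _b64url_decode(segment: str) -> bytes:
    # Compact serialization strips base64url padding; restore it first.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def parse_compact_header(token: str) -> tuple:
    """Return ("JWS" | "JWE", header) for a compact token; raise ValueError otherwise."""
    parts = token.split(".")
    try:
        header = json.loads(_b64url_decode(parts[0]))
    except ValueError as exc:  # bad base64, bad UTF-8 or bad JSON
        raise ValueError("first segment is not a base64url JSON header") from exc
    if not isinstance(header, dict):
        raise ValueError("header is not a JSON object")
    # RFC 7516: a compact JWE has five segments and an "enc" header.
    if len(parts) == 5 and "enc" in header:
        return "JWE", header
    # RFC 7515: a compact JWS has three segments and no "enc" header.
    if len(parts) == 3 and "enc" not in header:
        return "JWS", header
    raise ValueError("not a compact JWS or JWE")


def require_signed_jwt(token: str) -> dict:
    """Gate for the verification step: return the header only for an RS256 JWS with a kid."""
    kind, header = parse_compact_header(token)
    if kind == "JWE":
        raise ValueError("encrypted token (JWE) received; it cannot be verified with JWKS")
    if header.get("alg") != "RS256" or "kid" not in header:
        raise ValueError("expected an RS256-signed JWT with a kid header")
    return header


def make_sample(header: dict, n_segments: int) -> str:
    # Constructed placeholder token: real header shape, dummy remaining segments.
    first = base64.urlsafe_b64encode(json.dumps(header).encode()).rstrip(b"=").decode()
    return ".".join([first] + ["AAAA"] * (n_segments - 1))


# Constructed from the two headers logged in the post; not real tokens.
SAMPLE_JWS = make_sample({"alg": "RS256", "typ": "JWT", "kid": "kid_value"}, 3)
SAMPLE_JWE = make_sample({"alg": "dir", "enc": "A256GCM", "iss": ""}, 5)
```

Only a token that passes `require_signed_jwt()` should go on to the `kid` lookup and `jwt.decode()` call.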