How can I change jwe to jwt for social login?

Get Help
,
1

I have a webapp with two different logins. 1. Username-password 2. Social login with Google. For username-password, I get jwt and on API calls to my backend, I decode this using JWKs. For social login, I get a jwe.

Below is my code to decode the token.

unverified_header = jwt.get_unverified_header(token)
print(unverified_header)
kid = unverified_header["kid"]
public_key = Auth0().get_public_key(kid) 
payload = jwt.decode(
       token,
       public_key,
       algorithms=["RS256"],
       audience=audience,
       issuer=issuer,
)

Log of unverified_header for username-password:
{‘alg’: ‘RS256’, ‘typ’: ‘JWT’, ‘kid’: ‘kid_value’}

Log of unverified_header for social login:
{‘alg’: ‘dir’, ‘enc’: ‘A256GCM’, ‘iss’: ‘’}

How can I change jwe to jwt for social login?

2

Hi @aayesha.shrestha

Welcome to the Auth0 Community!

Thank you for posting your question, please check our knowledge solution regarding getting JWT instead of JWE → How to Stop Getting JWEs when JWT is Required

I hope this will help you!
Dawid

3

Hi @dawid.matuszczyk thanks for quick reply. It looks like I am doing same thing as mentioned in the knowledge solution. And for username-password login, it works fine. However the issue is only in social login, where it gives jwe. Is there anything different that needs to be done for social login?

4

Hi @dawid.matuszczyk thanks for quick reply. It looks like I am doing same thing as mentioned in the knowledge solution. And for username-password login, it works fine. However the issue is only in social login, where it gives jwe. Is there anything different that needs to be done for social login?

5

Hi @dawid.matuszczyk , I checked your documentation link.The provided solution implies that we should toggle off JWE encryption.
Unfortunately that option is not displayed in my API access token settings.