How to implement Auth0 in existing golang project

Hi all, I want to implement Auth0 in my go app,
currently, I am following official docs but I am getting this error when I try to validate my token which I got after the login
which has the following info in the body

{ “iss”: “https://dev-8gfgy.us.auth0.com/", “sub”: "auth0|63205***9bb4358e43b”, “aud”: “5pWA784GCzQwNEXqkCMKEC6", “iat”: 1665288, “exp”: 166288, “sid”: "Trl3iLv***vlHKrH9pFYYO1bPwZon” }

but I am getting this below error when I use the jwt to validate
I am referring to the I am using GitHub - auth0-developer-hub/api_standard-library_golang_hello-world at basic-role-based-access-control
and in the audience I am giving the same value that is in my Auth0 api

{“message”:“aud not satisfied”}

what I am missing here,
is there any way I can solve this
can you pls help
thankyou

Hi there @eliphosifhardy welcome to the community!

I apologize for the delay on this one, but wanted to follow up to see if you were ever able to get this sorted? I was just able to run through the sample you linked to and everything functioned as expected.

It’s hard to know exactly what could be going on but I’d expect your access token to look something like this:

{
    "iss": "https://your_domain.us.auth0.com/",
    "sub": "auth0|xxxxxxx",
    "aud": [
      "https://go_api_server", <-- this is your go api identifier
      "https://your_domain.us.auth0.com/userinfo" <-- automatically included in the access token
    ],
    "iat": 1664493537,
    "exp": 1664579937,
    "scope": "openid profile email",
    "permissions": [ <-- this will be included if you enabled RBAC + "Add permissions in the Access Token".
      "read:admin-messages"
    ]
  }

I always recommend using jwt.io to visually inspect tokens. In my environment I just used our react sample with an audience set to my go API server (https://go_api_server) and was able to retrieve the above access token and successfully validate against the /api/messages/admin endpoint for example.

Let us know!

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.