Hi all, I want to implement Auth0 in my go app,
currently, I am following official docs but I am getting this error when I try to validate my token which I got after the login
which has the following info in the body
I apologize for the delay on this one, but wanted to follow up to see if you were ever able to get this sorted? I was just able to run through the sample you linked to and everything functioned as expected.
It’s hard to know exactly what could be going on but I’d expect your access token to look something like this:
{
"iss": "https://your_domain.us.auth0.com/",
"sub": "auth0|xxxxxxx",
"aud": [
"https://go_api_server", <-- this is your go api identifier
"https://your_domain.us.auth0.com/userinfo" <-- automatically included in the access token
],
"iat": 1664493537,
"exp": 1664579937,
"scope": "openid profile email",
"permissions": [ <-- this will be included if you enabled RBAC + "Add permissions in the Access Token".
"read:admin-messages"
]
}
I always recommend using jwt.io to visually inspect tokens. In my environment I just used our react sample with an audience set to my go API server (https://go_api_server) and was able to retrieve the above access token and successfully validate against the /api/messages/admin endpoint for example.