Hi,
I’am using NestJS 8 with passport-auth0. I don’t know how to pass an audience to the strategy to obtain a JWT access-token (instead an opaque one). I’am using this strategy :
@Injectable()
export class Auth0Strategy extends PassportStrategy(Strategy, 'auth0') {
constructor() {
super({
domain: process.env.AUTH0_DOMAIN,
clientID: process.env.AUTH0_CLIENT_ID,
clientSecret: process.env.AUTH0_CLIENT_SECRET,
callbackURL: process.env.AUTH0_CALLBACK_URL,
passReqToCallback: true,
scope: 'openid email profile',
state: true,
});
}
async validate (req, accessToken, refreshToken, extraParams, profile, done): Promise<any> {
done(null, {accessToken,profile});
}
}
This strategy works well, but I obtain an opaque access-token (and a JWT id-token). I read in the documentation that to obtain a JWT access-token, I need to pass the “audience”. But if I add an audience property in the constructor, it has no effect. I tried this :
super({
domain: process.env.AUTH0_DOMAIN,
clientID: process.env.AUTH0_CLIENT_ID,
clientSecret: process.env.AUTH0_CLIENT_SECRET,
...
audience: "my-wonderful-api-identifier"
});
But still having an opaque access-token.
I wonder how do I pass this audience parameter to the strategy.
Thank you for your help.