How to set up the Audience in Next.js SDK to get a valid JWT?

raph1 · February 3, 2024, 11:40am

Hi,

I’m moving our App from React to Next.js, everything worked fine with the React SDK. But now, using the Next.js SDK I’m not able to get a valid JWT, just getting an opaque token…

I’m trying to find a way to set the Audience during Login to get a valid JWT, like I did in React, but can’t find how to do that.

Even in the doc for authorizationParams, there is no audience params… AuthorizationParams | @auth0/nextjs-auth0

Can someone help me with this ?

Many thanks.

raph1 · February 5, 2024, 1:52pm

I also added AUTH0_AUDIENCE to the .env.local with the other params but that seems to be ignored…

Does anyone know about that issue ?

tyf · February 5, 2024, 7:24pm

Hey @raph1 welcome to the community!

Hmm thanks for pointing this out - The audience param should indeed be added to AuthorizationParams:

github.com

auth0/nextjs-auth0/blob/main/EXAMPLES.md#access-an-external-api-from-an-api-route

# Examples

- [Create your own instance of the SDK](#create-your-own-instance-of-the-sdk)
- [Customize handlers behavior](#customize-handlers-behavior)
- [Use custom auth urls](#use-custom-auth-urls)
- [Protecting a Server-Side Rendered (SSR) Page](#protecting-a-server-side-rendered-ssr-page)
- [Protecting a Client-Side Rendered (CSR) Page](#protecting-a-client-side-rendered-csr-page)
- [Protect an API Route](#protect-an-api-route)
- [Protecting pages with Middleware](#protecting-pages-with-middleware)
- [Access an External API from an API Route](#access-an-external-api-from-an-api-route)
- [Add a signup handler](#add-a-signup-handler)
- [Use with Base Path and Internationalized Routing](#use-with-base-path-and-internationalized-routing)
- [Use a custom session store](#use-a-custom-session-store)
- [Back-Channel Logout](#back-channel-logout)

See also the [example app](./example-app).

### Create your own instance of the SDK

When you use the named exports, the SDK creates an instance of the SDK for you and configures it with the provided environment variables.

This file has been truncated. show original

raph1 · February 7, 2024, 10:22am

@tyf Thanks for you reply.

I was finally able to get a valid JWT token by passing manually the audience to in the AuthorizationParams.

But now I have another issue… This JWT is NOT recognized as a valid token by my Flask Server.

It was working perfectly well (and still works) with my React Client. The setup is the same, same audience etc… when I look inside the JWT token with jwt.io I find the same informations…

But for some reason the Token received in my Next.js app isn’t accepted by my server while the token received in my React App is accepted.

Any idea of what’s going on ?

tyf · February 10, 2024, 1:37am

That’s great, thanks for confirming!

Very odd! Is your Flask server throwing any error in particular when attempting to verify the token?