httpInterceptor does not add authorization header

Hello, I know this topics has been asked many times already but I did not find a solution.

I followed all steps from Auth0 turials to add Auth0 authentication on an Angular App, but after many hours, I can’t do a request to my API. It always send my a 401 error.

I’m on a development environment. I develop with Angular 13 framework and @auth0/auth0-angular 2.0.0

I set up a SPA on auth0 dashboard, and also an API.

Here’s the code I use on app.module.ts

AuthModule.forRoot({
      domain: 'xxxx.auth0.com',
      clientId: 'xxxxxx',
      authorizationParams: {
        redirect_uri: 'http://localhost:4200/dashboard',
        // Request this audience at user authentication time
        audience: 'http://localhost:4200/api',

      },
      httpInterceptor: {
        allowedList: ['http://localhost:4200/api/someRequest'],
      },
    }),

When I access to my Angular App, I see the /auth/token request and it return a 200 code. In the response, I can see access_token, expires_in, id_token, scope and token_type.

But when I request my API, I don’t see the Authorization header attached to the request.

I don’t know where these tokens are normally stored (localStorage, sessionStorage, …)

I saw on similar topics, it might have a limitation on dev envs. How about this ? Is it supposed to work in dev ?

Thanks for your replies

1 Like

Hey there @guillaume.canu78 welcome to the community!

I’m guessing the token is not attached due to an issue with your httpInterceptor config and in particular the allowedList - Might be worth taking a look at how our sample app goes about this. In the sample the apiUri is https://localhost:3001 and the external API is at https://localhost:3001/api/external.

It should work totally fine in a dev environment. Again, you might want to check out the sample I linked to previously in order to compare against.

Hope this helps, keep us posted!

1 Like

Hey, try with http://localhost:4200/*****

1 Like

Hey thanks for jumping in @jovan.somborski28 - That’s correct, something like http://localhost:4200/* should work.

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.