If you are using Auth0 Lock and trying to get a JWT token returned

adam.recvlohe · June 4, 2018, 11:46pm

I searched far and wide to find this solution and now trying to reduce the pain for others. I am using the latest version of Auth0 Lock, "auth0-lock": "^11.7.0". I was trying to figure out how to get back a JWT and not just the opaque string that is the accessToken. The answer is to update the config options for responseType to be responseType: 'token id_token'. Full options object I have.

const options = {
  container: "lock-container",
  allowSignUp: false,
  auth: {
    responseType: "token id_token",
    redirect: false,
    sso: true,
    params: {
      scope: "openid profile email",
    },
  },
};

kimcodes · June 25, 2018, 2:10pm

@adam.recvlohe thanks for sharing! So your issue was you were expecting a JWT but instead were getting an opaque token? There are a few reasons this could be happening. A few include when the audience for an API is not specified, using a social IdP and the keys are not setup, or when the audience is /userinfo an opaque token will always be issued.

https://auth0.com/docs/tokens/access-token#access-token-format

system · September 6, 2018, 2:55pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Can't get lock to return a JWT JWT.io lock	3	4319	July 25, 2019
Lock/JWT not returning email/profile. Chicken and egg problem JWT.io lock	4	5690	October 31, 2018
Idtoken null in web lock 11 Help jwt , auth0 , idtoken , web-lock	2	5591	July 25, 2019
Lock Web - Get JWT access token and id token to call API Help token , lock , jwt , api , id_token	8	7220	March 2, 2018
Opaque token returned for hosted lock with audience param Help access-token , api-authorization	3	4399	August 27, 2019

If you are using Auth0 Lock and trying to get a JWT token returned

Related Topics