Ready to post? First, try searching for your answer.
I have created a mobile app and integrated with auth0 using password less grant type using SMS.
As part of this i have also created a custom authorization server.
When i am generating token through api request via postman, i am able to get the access token with a valid signature:
But when i am performing the same through auth0 sdk i am getting access token with invalid signature.
It would be great if some one can help me on this issue. Thanks in advance.
A signature error will most likely occur if the expected algorithm is not used. For example, the application may expect RS256, but you might have configured HS256.
In my private cloud, I have encountered the same error. I had to change the setting to RS256 multiple times to resolve the issue.
Thank you for posting your question, Itβs possible that the access token that Auth0 returns is an opaque token that allows for calls only for the /userinfo endpoint. Please check and make sure that your auth0 SDK is adding the audience parameter with the proper API identifier in the request to get the valid access token, not the opaque one.
First, try searching for your answer.