Invalid token on Authorization Extension

fjlenatz · December 18, 2018, 6:03pm

Hi!

I’m currently having some issues regarding the authorization extension. I always get a “Invalid token” response.
What I want to do is set the role after user creation via api.
I’ll omit the code from the user creation, since it’s working.

//auth0ClientId → My main app client id, the one I’m using for user signup
//auth0ClientSecret → Secret from the app I’m using for user signup
//auth0AuthorizationAudience-> The audience from authorization-extension in the APIs page, which is urn:auth0-authz-api

const authorizationTokenData = {
grant_type: “client_credentials”,
client_id: context.app.get(‘auth0ClientId’),
client_secret: context.app.get(‘auth0ClientSecret’),
audience: context.app.get(‘auth0AuthorizationAudience’)
};

//auth0Endpoint → My tenant, the one I get from the domain of my app
const resultAuthorizationToken = await axios.post(${context.app.get('auth0Endpoint')}/oauth/token, data);

//auth0AuthorizationEndpoint → The URL I get in the API section in the Authorization Extension page
//user.user_id → the id of the user I’ve created. I get it in this format: auth0|HASH
const resultAuthorization = await axios.patch(${this.app.get('auth0AuthorizationEndpoint')}/users/${user.user_id}/roles, [‘seller’], {
headers: {
Authorization: Bearer ${resultAuthorizationToken.data.access_token};
});

The response is:

{
statusCode: 401,
error: ‘Unauthorized’,
message: ‘Invalid token’,
attributes: { error: ‘Invalid token’
}

I’ve granted access to all scopes in the machine to machine section of the authorization extension api. I’ve also enabled client grant types on my app and authorization extension app.
I’m with this issue since yesterday. I tried with the same code from here GitHub - auth0-extensions/authz-extension-automation-sample: Sample tool showing how you can provision groups, roles and permissions with the Authorization Extension API

Any ideas?

Regards,
Francisco.

fjlenatz · December 18, 2018, 6:07pm

fjlenatz:

Hi!

I’m currently having some issues regarding the authorization extension. I always get a “Invalid token” response.
What I want to do is set the role after user creation via api.
I’ll omit the code from the user creation, since it’s working.

//auth0ClientId -> My main app client id, the one I’m using for user signup
//auth0ClientSecret -> Secret from the app I’m using for user signup
//auth0AuthorizationAudience-> The audience from authorization-extension in the APIs page, which is urn:auth0-authz-api

const authorizationTokenData = {
grant_type: “client_credentials”,
client_id: context.app.get(‘auth0ClientId’),
client_secret: context.app.get(‘auth0ClientSecret’),
audience: context.app.get(‘auth0AuthorizationAudience’)
};

//auth0Endpoint -> My tenant, the one I get from the domain of my app
const resultAuthorizationToken = await axios.post( ${context.app.get('auth0Endpoint')}/oauth/token , data);

//auth0AuthorizationEndpoint -> The URL I get in the API section in the Authorization Extension page
//user.user_id -> the id of the user I’ve created. I get it in this format: auth0|HASH
const resultAuthorization = await axios.patch( ${this.app.get('auth0AuthorizationEndpoint')}/users/${user.user_id}/roles , [‘seller’], {
headers: {
Authorization: Bearer ${resultAuthorizationToken.data.access_token} ;
});

The response is:

{
statusCode: 401,
error: ‘Unauthorized’,
message: ‘Invalid token’,
attributes: { error: ‘Invalid token’
}

I’ve granted access to all scopes in the machine to machine section of the authorization extension api. I’ve also enabled client grant types on my app and authorization extension app.
I’m with this issue since yesterday. I tried with the same code from here GitHub - auth0-extensions/authz-extension-automation-sample: Sample tool showing how you can provision groups, roles and permissions with the Authorization Extension API

Any ideas?

Regards,
Francisco.

Geez, after I posted this, I realized a typo. Instead of authorizationTokenData in the post for the token, I sent “data”. Sometimes you just need to see it from another point of view haha.

konrad.sopala · February 11, 2019, 6:10pm

Glad you were able to find it!

system · February 26, 2019, 6:10pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Invalid Token with Authorization API Help authorization-extens , invalid_token	5	5263	March 2, 2018
Unauthorized 'Invalid token' response when trying to call Authorization API Help authorization-extens , api-authorization , unauthorized	6	24744	January 7, 2019
Invalid token when accessing Authorization Extension API Help authorization-extens	19	6488	March 2, 2018
Auth0 .net core authorize filter returns invalid token error Help management-api , users	2	1143	June 10, 2023
No scopes in JWT key, all API endpoints return 401 "Invalid token" Help management-api , roles	2	1294	February 16, 2023

Invalid token on Authorization Extension

Related Topics