Invalid token: "The audience' is invalid"

Hi,

I’ve created a Next.js front end and C# backend following the following guides and managed to get both working successfully:

I’m now trying to wire them up to get the Next.js app to call the API backend.

The API has been set up with the following in the appsettings.json:

"Auth0": {
  "Domain": "myapp.eu.auth0.com",
  "Audience": "https://api.myapp.com"
}

In the Next.js app I have also added the following to the .env.local (the audience values are the same):

AUTH0_AUDIENCE=https://api.myapp.com
AUTH0_SCOPE=openid profile email

and am successfully able to log in using

// pages/api/auth/[...auth0].js

import { handleAuth } from '@auth0/nextjs-auth0';

export default handleAuth();

The issue comes when trying to call the API with the token. When calling the API with session.idToken it returns an error of Bearer error="invalid_token",error_description="The audience '<client id>' is invalid", where <client id> is the client ID of the app and not the audience, which I expected. When looking at the token in https://jwt.io the aud value is indeed the client ID and not the expected audience.

Is there some missing config or extra steps required?

Thanks in advance!

Hi!

You are using the ID token, not the access token. ID tokens are consumed by the client, but access tokens are consumed by the API. If you’re getting back a full JWT access token, you should pass that into the API.

Hope that helps!

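The distinction in the reply above, as an added example that is not part of the original thread: a small Node.js diagnostic that reads a token's aud claim, as the poster did with jwt.io, and reports whether the API would accept it. The helper names, the client ID placeholder and the sample tokens are constructed for illustration; the audience and domain come from the post.

```javascript
// Diagnostic only: decodes the JWT payload WITHOUT verifying the signature.
// The API must still do full validation (signature, issuer, audience, expiry).

// Decode the payload segment of a compact JWT into an object.
function decodeJwtPayload(token) {
  const parts = String(token).split('.');
  if (parts.length !== 3) {
    // An access token that is not a JWT (an opaque token) lands here.
    throw new Error('not a three-part JWT (opaque token?)');
  }
  // Node's 'base64' decoder also accepts the URL-safe alphabet used by JWTs.
  return JSON.parse(Buffer.from(parts[1], 'base64').toString('utf8'));
}

// Report whether the API would accept this token's audience.
function checkAudience(token, apiAudience, clientId) {
  const claims = decodeJwtPayload(token);
  const aud = [].concat(claims.aud ?? []); // aud may be a string or an array
  if (aud.includes(apiAudience)) return { ok: true, aud };
  const reason = aud.includes(clientId)
    ? 'aud is the client ID: this is an ID token, send the access token instead'
    : 'aud does not contain the API audience';
  return { ok: false, aud, reason };
}

// Builds constructed sample tokens (unsigned, placeholder signature).
function makeSampleToken(claims) {
  const enc = (o) => Buffer.from(JSON.stringify(o)).toString('base64')
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
  return `${enc({ alg: 'RS256', typ: 'JWT' })}.${enc(claims)}.sig`;
}

const API_AUDIENCE = 'https://api.myapp.com'; // "Audience" from the post
const CLIENT_ID = 'EXAMPLE_CLIENT_ID';        // placeholder, constructed
const ISSUER = 'https://myapp.eu.auth0.com/'; // built from "Domain" in the post

const idToken = makeSampleToken({
  iss: ISSUER, sub: 'auth0|123', aud: CLIENT_ID, nonce: 'n-1',
});
const accessToken = makeSampleToken({
  iss: ISSUER, sub: 'auth0|123',
  aud: [API_AUDIENCE, `${ISSUER}userinfo`], scope: 'openid profile email',
});

console.log(checkAudience(idToken, API_AUDIENCE, CLIENT_ID));
console.log(checkAudience(accessToken, API_AUDIENCE, CLIENT_ID));
```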

Thanks for the quick reply, that fixed it!


Teamwork makes the dreamwork!
