Invalid token: "The audience' is invalid"


I’ve created a nextjs front end and c# backend following the following guides and managed to get both working successfully:

I’m now trying to wire them up to get the nextjs app to call the api backend.

The api has been setup with the following in the appsettings.json

"Auth0": {
    "Domain": "",
    "Audience": ""

In the nextjs app I have also added the following to the .env.local (the audience values are the same)

AUTH0_SCOPE=openid profile email

and successfully able to login using


import { handleAuth  } from '@auth0/nextjs-auth0';

export default handleAuth();

The issue comes when trying to call the api with the token. When calling the api with session.idToken it returns with an error of Bearer error="invalid_token",error_description="The audience '<client id>' is invalid" where is the client id of the app and not audience which I expected. When looking at the token in the aud value is indeed the client id and not the expected audience.

Is there some missing config or extra steps required?

Thanks in advance!


You are using the ID token, not the access token. ID tokens are consumed by the client, but access tokens are consumed by the API. If you’re getting back a full JWT access token, you should pass that into the API.

Hope that helps!

1 Like

thanks for the quick reply, that fixed it!

1 Like

Teamwork makes the dreamwork!

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.