Invalid Token when fetching from protected API

lars1337 · January 31, 2024, 12:13pm

Hello,

i have 2 projects connected with auth0. One is my NextJS Frontend which runs as a regular web application. This one works perfectly fine. Now i added a expressJS API to APIs and followed the guideline. When i try to fetch from a protected express route, i always get InvalidToken error. I dont use any claims or scopes. i just want the basic fetch to work.

The error i get: InvalidTokenError: Invalid Compact JWS

Here is the express part:

import express from 'express';
const app = express();
const { auth } = require('express-oauth2-jwt-bearer');

const port = process.env.PORT || 8000;

const jwtCheck = auth({
  audience: 'http://localhost:8000/api',
  issuerBaseURL: 'MY-DOMAIN',
  tokenSigningAlg: 'RS256'
});

app.get('/open', function (req, res) {
    res.json({ message: 'open' });
});

app.get('/protected', jwtCheck, function (req, res) {
    res.json({ message: 'protected' });
});

app.listen(port);

console.log('Running on port ', port);

And this is how i fetch inside NextJS Server Component:

import { getAccessToken } from "@auth0/nextjs-auth0";

sync function getData() {
    const accessToken = getAccessToken();
    const res = await fetch('http://localhost:8000/protected', {
        headers: {
          'Authorization': `Bearer ${accessToken}`
        },
      })
   
    if (!res.ok) {
      throw new Error('Failed to fetch data')
    }
   
    return res.json()
  }

Im out of Ideas right now. Is my code wrong? Did i forget any settings in auth0 Dashboard?

lars1337 · January 31, 2024, 1:54pm

I could solve the problem following the following guide. Im not sure what did the trick aber if anyone else stumbles upon the same problem, this guide helps a lot. So all credits to Benjamin Chavez.

Auth0 Guide with Epress API and NextJS

system · February 14, 2024, 1:54pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.