InvalidTokenError: Invalid Compact JWS

Hi there, I've followed the docs and have set this up previously but am struggling with this:

I'm using Auth0 on my front end and backend, but there seems to be a problem. I'm getting this error: InvalidTokenError: Invalid Compact JWS

node_modules/express-oauth2-jwt-bearer/dist/index.js:403:24 {
  status: 401,
  statusCode: 401,
  headers: {
    'WWW-Authenticate': 'Bearer realm="api", error="invalid_token", error_description="Invalid Compact JWS"'
  },
  code: 'invalid_token'
}

Here is the API check:

const { auth } = require('express-oauth2-jwt-bearer');

const jwtCheck = auth({
  audience: 'https://myurl.com',
  issuerBaseURL: 'https://me.eu.auth0.com/',
  tokenSigningAlg: 'RS256',
});

Auth provider in index.js:

<Auth0Provider
  domain="me.eu.auth0.com"
  clientId="MY_CLIENT_ID"
  redirectUri={window.location.origin}
  audience="https://myurl.com"
>
  {/* app components go here */}
</Auth0Provider>

And the front end getting the token and making the request:

import { ApolloClient, InMemoryCache } from '@apollo/client';
import { setContext } from '@apollo/client/link/context';

// getAccessTokenSilently comes from the useAuth0() hook; httpLink is the Apollo HttpLink for the API
const authLink = setContext(async (_, { headers }) => {
  const token = await getAccessTokenSilently();
  return {
    headers: {
      ...headers,
      Authorization: `Bearer ${token}`,
    },
  };
});

const client = new ApolloClient({
  link: authLink.concat(httpLink),
  cache: new InMemoryCache(),
});

The token I'm sending is identical to the one the API is receiving.

Can anyone please help?


To add to this, it appears that the access token is a JWE, not a JWT token, though there is nowhere I can set this and I haven't changed any OAuth settings, so this should, I believe, default to JWT?


Did you manage to resolve this issue, I’m experiencing something similar.

Hi @thisisdjfresh

Welcome to the Auth0 Community!

I am sorry about the late reply to your inquiry.

When you log in to Auth0 and don't specify an audience, you will get an opaque access token. It looks like a regular JWT, but actually it's a self-contained encrypted JWT. The only way to validate an opaque token is to call the server that issued the token, in this case the /userinfo endpoint.

In order to get a JWT, you need to create a custom API. Then use this as the audience in your React app to log in:

<Auth0Provider
      domain="YOUR_AUTH0_DOMAIN"
      clientId="YOUR_AUTH0_CLIENT_ID"
      redirectUri={window.location.origin}
      audience="YOUR_API_IDENTIFIER"
>
      {/* app components go here */}
</Auth0Provider>

This will provide you a JWT when you call the getAccessTokenSilently() method.

Then you can specify the same API as the audience in your API:

const { auth } = require('express-oauth2-jwt-bearer');

const jwtCheck = auth({
  issuerBaseURL: "https://<DOMAIN>",
  audience: "YOUR_API_IDENTIFIER",
});

Hope this is helpful to the issue that you were facing.

If you have any other questions, feel free to leave a reply or post again on the community!

Kind Regards,
Nik
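A quick way to confirm the diagnosis in this thread before touching the API config is to look at the shape of the bearer token the frontend actually sends. The added example below is not code from this thread or from Auth0: it classifies a token as a compact JWS (three segments, what express-oauth2-jwt-bearer verifies), a compact JWE (five segments, what the "Invalid Compact JWS" error indicates), or opaque, and checks whether the decoded `aud` claim matches the audience the API expects. The sample tokens are constructed placeholders with fake signature and ciphertext bytes; the code never verifies signatures, it only inspects structure and claims for diagnosis.

```javascript
// Added example, not from the thread or from Auth0. Shape-checks a bearer token
// the way you would when express-oauth2-jwt-bearer reports "Invalid Compact JWS".
//   compact JWS: header.payload.signature          (3 base64url segments)
//   compact JWE: header.encKey.iv.ciphertext.tag   (5 base64url segments)
//   opaque:      anything else
// No signature verification happens here; this is a diagnostic only.

function base64urlDecode(segment) {
  // base64url -> UTF-8 string, padding restored so older Node versions work too
  const padded = segment.replace(/-/g, '+').replace(/_/g, '/') +
    '='.repeat((4 - (segment.length % 4)) % 4);
  return Buffer.from(padded, 'base64').toString('utf8');
}

function base64urlEncode(value) {
  return Buffer.from(value, 'utf8').toString('base64')
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
}

function decodeJsonSegment(segment) {
  // Returns the parsed JSON object, or null when the segment is not a JSON object
  try {
    const parsed = JSON.parse(base64urlDecode(segment));
    return parsed && typeof parsed === 'object' ? parsed : null;
  } catch {
    return null;
  }
}

function classifyToken(token) {
  const parts = typeof token === 'string' ? token.split('.') : [];
  const header = parts.length >= 3 ? decodeJsonSegment(parts[0]) : null;

  if (parts.length === 3 && header && typeof header.alg === 'string' && !header.enc) {
    // Signed token: the payload is readable, so the API can check iss/aud/exp after
    // verifying the signature against the issuer's JWKS.
    return { kind: 'jws', alg: header.alg, enc: null, header, payload: decodeJsonSegment(parts[1]) };
  }
  if (parts.length === 5 && header && typeof header.enc === 'string') {
    // Encrypted token: only the protected header is readable; the claims are ciphertext,
    // so a JWS-only middleware cannot validate it.
    return { kind: 'jwe', alg: header.alg || null, enc: header.enc, header, payload: null };
  }
  return { kind: 'opaque', alg: null, enc: null, header: null, payload: null };
}

function audienceMatches(payload, expectedAudience) {
  // RFC 7519: "aud" is either a single string or an array of strings
  if (!payload || payload.aud === undefined) return false;
  const aud = Array.isArray(payload.aud) ? payload.aud : [payload.aud];
  return aud.includes(expectedAudience);
}

// Constructed sample tokens (not real Auth0 output). Signature, IV, ciphertext and
// tag are placeholder bytes; the classifier never looks inside them.
const SAMPLE_JWS = [
  base64urlEncode(JSON.stringify({ alg: 'RS256', typ: 'JWT', kid: 'example-kid' })),
  base64urlEncode(JSON.stringify({ iss: 'https://me.eu.auth0.com/', aud: 'https://myurl.com', sub: 'auth0|example' })),
  base64urlEncode('placeholder-signature'),
].join('.');

const SAMPLE_JWE = [
  base64urlEncode(JSON.stringify({ alg: 'dir', enc: 'A256GCM', iss: 'https://me.eu.auth0.com/' })),
  '', // empty encrypted-key segment, as with the "dir" algorithm
  base64urlEncode('iv'),
  base64urlEncode('ciphertext'),
  base64urlEncode('tag'),
].join('.');

const SAMPLE_OPAQUE = 'pA5wXk3Zq9LmN0rT';

for (const token of [SAMPLE_JWS, SAMPLE_JWE, SAMPLE_OPAQUE]) {
  const result = classifyToken(token);
  console.log(result.kind, result.alg || '-', 'aud ok:', audienceMatches(result.payload, 'https://myurl.com'));
}
```

Paste the token from the browser's Authorization header into `classifyToken` instead of the samples: a `jwe` or `opaque` result means the frontend logged in without the API's audience (the situation described above), while a `jws` result whose `aud` does not match points at an audience mismatch between the Auth0Provider and the `auth()` middleware.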
