I followed this and set up a Nextjs app with the Auth0 Universal Login.
I created an endpoint in this NextJs app that creates an accessToken and sends it along to an external API I have control over (different domain):
import { getAccessToken, withApiAuthRequired } from '@auth0/nextjs-auth0';
const { accessToken } = await getAccessToken(req, res, {
scopes: ['create:foo'],
authorizationParams: {
audience: process.env.MY_AUDIENCE,
},
});
await apiCall(
`${process.env.MY_EXTERNAL_API_URL}/api/myendpoint`,
{
headers: {
Authorization: `Bearer ${accessToken}`,
'Content-Type': 'application/json',
},
body: JSON.stringify({ companyId }),
},
);
The access token gets created as expected and everything works locally using my “local” Auth0 tenant. In production, however, it is failing 100% of the time on the Express API “auth” middleware with the error:
Authentication error on bearer token InvalidTokenError: Invalid URL
at /my-project-path/node_modules/express-oauth2-jwt-bearer/dist/index.js:300:19
THE EXTERNAL API (that I have control over)
It’s an ExpressJs app.
My router file looks like this:
import express from 'express';
import { requiredScopes } from 'express-oauth2-jwt-bearer';
const router = express.Router();
const createScopes = requiredScopes('create:foo');
const checkJwt = auth({
issuerBaseURL: process.env.AUTH0_DOMAIN,
audience: process.env.AUTH0_AUDIENCE,
});
router.post(
'/',
checkJwt,
createScopes,
createSomething, // The function we want to execute after authentication passes.
);
export default router;
Any help at all you can provide on this matter would be amazing as I have been spinning my wheels for weeks (months?) on this very simply task.