I’m a developer working on bringing auth0 to our company. We have a SPA Vue app that I’ve setup with @auth0 /auth0-spa-js, and a node API that uses jwt/jwks to use the bearer token for authentication. I develop on my localhost and ended up doing this to invoke the API: async getBearerToken() { …

You should only get an opaque token if you aren’t specifying an audience for the call. You are intermittently getting an opaque token? Have you tried specifying the audience when you initialize the auth0 client? Take a look at main.js in the vue quickstart I linked above. It should be the API ident…

Invoking an API from a SPA with getTokenWithPopup/getTokenSilently -- is there a better way to do this?

Help

dan.woda May 5, 2020, 7:02pm 7

@mpekar,

The opaque token is an access token intended for internal auth0 APIs, like the /userinfo endpoint. If you want to get an encoded JWT you must declare an external audience.