JWT access token invalid

muneebamughal · January 30, 2018, 8:23pm

I am integrating Auth0 with my backend application as an authorisation service. I have created an access token via endpoint oauth/token with client credentials and user’s email and password. Access token generated is verified by jwt.io with my custom API’s secret key. I am using HS256 and a custom api with identifier http://localhost:4000/. Also, guardian as the token decoding library which returns invalid token. My Guardian config:

config :my_app, MyApp.Guardian,
allowed_algos: "HS256"],
error_handler: Authentication.ErrorHandler,
issuer: AUTH0_DOMAIN,
verify_issuer: false,
secret_key: AUTH0_API_KEY

For token generation, I am using http://localhost:4000/ as audience and AUTH0_DOMAIN as issuer, grant_type: password

I have spent so much time debugging My guardian implementation and testing with new APIs and Clients but couldn’t get it to work. What am I doing wrong?

Thank you so much for the help in advance.

priya.sharma.9362 · February 5, 2018, 2:20pm

Hi @muneebamughal,

Though I am not able to make a clear understanding on what the actual problem is, still I would suggest you to please check that if you are using the signing secret field of you API for validating the token.
Please see [here][1]

And also make sure that you have configured the client and the API with the same signing algorithm.

Topic		Replies	Views
Invalid access token Help identifier-first , login-experience	4	1635	April 7, 2023
Invalid access_token JWT.io jwt , auth0	3	5367	March 28, 2020
Access token fails validation Help	4	6362	January 27, 2019
Auth0 Issued JWT has invalid issuer Help jwt , auth0 , api	2	9424	March 5, 2020
Generated JWT token is invalid Help management-api , keys	2	3576	January 23, 2023

JWT access token invalid

Related Topics