Auth0 Home Blog Docs

JWT access token invalid

access-token
jwt-validation
invalid
access
resource-owner-passw

#1

I am integrating Auth0 with my backend application as an authorisation service. I have created an access token via endpoint oauth/token with client credentials and user’s email and password. Access token generated is verified by jwt.io with my custom API’s secret key. I am using HS256 and a custom api with identifier http://localhost:4000/. Also, guardian as the token decoding library which returns invalid token. My Guardian config:

config :my_app, MyApp.Guardian,
allowed_algos: "HS256"],
error_handler: Authentication.ErrorHandler,
issuer: AUTH0_DOMAIN,
verify_issuer: false,
secret_key: AUTH0_API_KEY 

For token generation, I am using http://localhost:4000/ as audience and AUTH0_DOMAIN as issuer, grant_type: password

I have spent so much time debugging My guardian implementation and testing with new APIs and Clients but couldn’t get it to work. What am I doing wrong?

Thank you so much for the help in advance. :slight_smile:


#2

Hi @muneebamughal,

Though I am not able to make a clear understanding on what the actual problem is, still I would suggest you to please check that if you are using the signing secret field of you API for validating the token.
Please see [here][1]

And also make sure that you have configured the client and the API with the same signing algorithm.