Problem statement
We have been getting an invalid issuer when validating the JWT obtained from our front end’s API endpoints.
Symptoms
- Getting a
401
error in the backend when trying to implement middleware to validate JWTs on the backend - Changing the issuer multiple times with no success.
Cause
- There was missing a slash / and protocol on the issuer URL that was used to validate in the middleware.
- The issuer URL needs to have an exact match to the keys of the JSON Web Key Set endpoint: (https://YOUR_DOMAIN.us.auth0.com/.well-known/jwks.json)
Solution
We recommend that you include the required slash / and protocol on the issuer URL used to validate in your middleware.