LoginResult.AccessToken not parseable

A question from a newbie.

A valid user logs in successfully, the ID token is fine, yet LoginResult.AccessToken is not parseable and contains no claims.

The user has permissions defined for an existing API; the API has valid audience, RBAC On.

What am I missing?

Any help greatly appreciated!

Hi @michael.zolotarev,

Welcome to the Auth0 Community!

The most likely reason your AccessToken isn’t a parseable JWT is that the audience parameter was not included in your application’s login request. When the audience is missing, Auth0 issues an opaque token which is not a JWT and is only meant for fetching the user’s profile from the /userinfo endpoint.

To resolve this, you need to add the audience parameter to your login request in your application’s code. You can find the audience parameter inside Applications > APIs in your Dashboard by checking the Identifier field. This is your audience value.

await auth0.loginWithRedirect({
  authorizationParams: {
    audience: 'YOUR_API_IDENTIFIER_HERE' // e.g., "https://api.yourapp.com/"
  }
});

This example may differ based on your SDK.

Once you add the correct audience, Auth0 will issue a signed JWT as the Access Token, which will be parseable and will contain the permissions you’ve configured.

If you have any other questions, feel free to reach out!

Have a good one,
Vlad
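A quick client-side check for the situation described in the answer above, as an added example that is not part of the original post or of any Auth0 SDK. It tells an opaque access token from a JWT and reports whether the expected audience and any `permissions` claim are present. The function names, the API identifier and both sample tokens are constructed for illustration.

```javascript
// Diagnostic only: this decodes the token WITHOUT verifying its signature.
// The API receiving the token must still validate signature, issuer and audience.

function decodeSegment(segment) {
  // A JWT header or payload is a base64url-encoded JSON object.
  const value = JSON.parse(Buffer.from(segment, 'base64url').toString('utf8'));
  if (value === null || typeof value !== 'object' || Array.isArray(value)) {
    throw new Error('segment is not a JSON object');
  }
  return value;
}

function inspectAccessToken(token, expectedAudience) {
  const opaque = { kind: 'opaque', audienceOk: false, permissions: [] };
  const parts = typeof token === 'string' ? token.split('.') : [];
  // Anything that is not three dot-separated segments is treated as opaque.
  if (parts.length !== 3) return opaque;
  let payload;
  try {
    decodeSegment(parts[0]);           // header must decode as JSON
    payload = decodeSegment(parts[1]); // claims
  } catch {
    return opaque;
  }
  // "aud" may be a single string or an array of strings.
  const aud = Array.isArray(payload.aud) ? payload.aud : [payload.aud];
  return {
    kind: 'jwt',
    audienceOk: aud.includes(expectedAudience),
    permissions: Array.isArray(payload.permissions) ? payload.permissions : [],
  };
}

// Constructed sample data (not real tokens; the signature is a dummy value).
function makeSampleJwt(payload) {
  const enc = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64url');
  return `${enc({ alg: 'RS256', typ: 'JWT' })}.${enc(payload)}.c2lnbmF0dXJl`;
}
const API_IDENTIFIER = 'https://api.example.test/'; // assumed API Identifier
const sampleJwt = makeSampleJwt({
  aud: [API_IDENTIFIER, 'https://tenant.example.test/userinfo'],
  permissions: ['read:items'],
});
const sampleOpaque = 'Zx8Q1constructedOpaqueValue'; // no audience was requested

console.log(inspectAccessToken(sampleOpaque, API_IDENTIFIER));
console.log(inspectAccessToken(sampleJwt, API_IDENTIFIER));
```

If `kind` comes back as `opaque`, the login request did not carry the audience; if it is `jwt` but `permissions` is empty, check the API's RBAC settings.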

Thank you very much, Vlad! Spot on!
