Make Request to Auth0 api from react native app

I have a react native app authenticated with Auth0.

I have an API that uses react native.

When a user signs in, I take the accessToken that is given for that user, and I make a request to the API with the accessToken set as the authorization header.

I do so like this:

const requestHeader = {
    headers: {
        Authorization: `Bearer ${accessToken}`,
    }
}

// axios.post(url, data, config): the headers belong in the third (config) argument
axios.post(API_BASE + '/api/example/', {}, requestHeader)

The accessToken is something short like this: aBQdd0kOvb1pNj-9XDj_C6bKWkMg9D_q

When I try to validate the request with the API, I get this error:

UnauthorizedError: jwt malformed

I know I’m getting this error because the access token isn’t a JWT.

I’m validating in the API like this:

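const jwt = require('express-jwt');
const jwksRsa = require('jwks-rsa');

// Verify RS256-signed access tokens against the tenant's published signing keys (JWKS)
exports.checkJwt = jwt({
    secret: jwksRsa.expressJwtSecret({
        cache: true,
        rateLimit: true,
        jwksRequestsPerMinute: 5,
        jwksUri: 'https://dev-0p1doq9r.auth0.com/.well-known/jwks.json'
    }),
    audience: 'ddasdsfasdfasd',
    issuer: 'safsdfasdfasdfafsdf',
    algorithms: ['RS256']
});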

I know that accessToken needs to be transformed into a JWT on the client, BUT HOW? I have not found any documentation for this; I have also not found what other properties need to be included in the JWT for validation.

Hi @schoenbl,

Welcome back to the Auth0 Community!

Take a look at this resource:

https://community.auth0.com/t/why-is-my-access-token-not-a-jwt-opaque-token/31028

Hi Dan! Thanks for your response! That doesn’t seem to be working for me.

This is how I’m using the Auth0 constructor from the React Native Auth0 SDK:

import Auth0 from 'react-native-auth0';
const auth0 = new Auth0({
    audience: "https://api.thepodapp.com",
    domain: 'dev-0p1doq9r.auth0.com',
    clientId: 'LOfg18i9rCofQQadginNQVlDz8zF7PXI',
});

export const signInAsync = (callback) => {
    auth0
        .webAuth
        .authorize({scope: 'openid profile email'})
        .then(credentials => callback(credentials))
        .catch(err =>  callback(null, err))
}

When I do that, I still receive an opaque token. Should I be receiving a JWT when I do this?

Have you registered an API in the Auth0 dashboard that corresponds with that audience?


Hi Dan, thanks for the response. I really appreciate your help.

Yes, I have made the corresponding API in the Auth0 dashboard:

Any other ideas on what the issue might be?

Can you try passing the audience param to your authorize method?

authorize( {
  ...,
  audience:"https://test-api"
} )

This worked! Thank you! Should the documentation be updated?

It sounds like that would be helpful. I can’t find any references to passing the audience when you create the Auth0 object, did you see that recommended somewhere? I’d like to recommend an update.
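Added example, not part of the thread or of any Auth0 SDK: a small Node.js debugging helper that tells an opaque access token apart from a JWT-shaped one and reports whether the `aud` claim contains the audience the API expects. The function names, the sample issuer `https://tenant.example/` and the sample JWT are constructed for illustration; the helper decodes claims without verifying the signature, so the API-side `checkJwt` verification is still required.

```javascript
// Debug aid only: decodes claims WITHOUT verifying the signature.
function decodeSegment(segment) {
  // Node's 'base64' decoder also accepts the URL-safe alphabet used by JWTs
  return JSON.parse(Buffer.from(segment, 'base64').toString('utf8'));
}

function inspectAccessToken(token, expectedAudience) {
  const parts = String(token).split('.');
  if (parts.length !== 3) {
    // This is the case that makes express-jwt report "jwt malformed"
    return { kind: 'opaque', reason: `found ${parts.length} segment(s), a JWT has 3` };
  }
  try {
    const header = decodeSegment(parts[0]);
    const payload = decodeSegment(parts[1]);
    const aud = [].concat(payload.aud || []); // aud may be a string or an array
    return {
      kind: 'jwt',
      alg: header.alg,
      iss: payload.iss,
      aud,
      audienceMatches: aud.includes(expectedAudience),
    };
  } catch (err) {
    return { kind: 'opaque', reason: 'segments are not base64url-encoded JSON' };
  }
}

// Constructed sample JWT (placeholder signature, hypothetical issuer)
function makeSampleJwt(claims) {
  const enc = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64')
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
  return `${enc({ alg: 'RS256', typ: 'JWT' })}.${enc(claims)}.c2lnbmF0dXJl`;
}

const opaqueToken = 'aBQdd0kOvb1pNj-9XDj_C6bKWkMg9D_q'; // token format from the question
const sampleJwt = makeSampleJwt({
  iss: 'https://tenant.example/',
  aud: ['https://test-api', 'https://tenant.example/userinfo'],
});

console.log(inspectAccessToken(opaqueToken, 'https://test-api'));
console.log(inspectAccessToken(sampleJwt, 'https://test-api'));
```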