I am developing a Blazor Server app with Auth0. Because I am incorporating roles and will be manipulating them in the app, I need to access the API. I am managing to create an access token, but on examination in a JWT decoder, I have found that it does not contain any of my needed scopes, thus generating an error when I try to use it.
The audience in the token is correct, and (through research) I have tried many different ways to include the scopes, Normal authentication into the app works correctly.
Thank you for posting your question. I’ve checked your tenant, and it looks like you don’t have an API created in the tenant associated with your Auth0 Community Account. To request an access token for a specific tenant, you need to create an API first in the Auth0 Dashboard → https://auth0.com/docs/get-started/apis. You can read more about access tokens here → https://auth0.com/docs/secure/tokens/access-tokens.
I’ve created an API in the dashboard, as you suggested, though I’m not sure I’ve done so correctly, as I’m now getting a “401 - Bad Audience” error. I replaced the the audience in the code in the appropriate places. I’m not sure where to proceed from here. Please advise.