HI When I am able to login but when I call the api using my access token i get a 401 unauthorized and the message says Bearer error=“invalid_token”.
Below are images showing my setup.
Hi I hope you can see the images
Hey @sellochrismodise !
Good to know you’re able to log in and get token(s) - Thanks for sharing those images 
-
What does your token look like when you decode it at jwt.io? Do you mind sharing the decoded token (sensitive info redacted) here?
-
Do you have the audience
http://localhost:5000registered as an API in Auth0?
Hi tyf yes that is the identifire of my api ap on auth0.
here is one of my access tokens:
eyJhbGciOiJkaXIiLCJlbmMiOiJBMjU2R0NNIiwiaXNzIjoiaHR0cHM6Ly9jcGQtdGVuYW50LnVzLmF1dGgwLmNvbS8ifQ…vtY5OEu0kLQ_QCUd.7weF4a-7fgGTZ9-VPLLDMSQNmWy_KOt8Tqyhaaz9f-SVqfeDOa7LmLx8aQGYXNHnjoNR_BN9P9VDGI5Qch3PjYA8dSGbVfqO0sRJfVHGX8PsUnEHRD3Ak6KAfmFw7v-8-V5O2FJCSQXuTqZFt4AW_iMYTt2d6PXred4uxp_Yjfx8JfBaXbi5sDbP4-Q5-w.Q4wmKgszZM9yzh2-sKaiuw
Here is what the debugger says
Hi tyf
I had a look around and it seems like the audience was not been set correctly based on my config file. but now i get a correct access token that can get access to my api endpoints.
Heres what i did for anyone who might struggle with the same issue.
1 Like
Hey @sellochrismodise glad you were able to get this sorted!
That’ll do it! Without an audience param you were getting back an opaque token which can only be used against the /userinfo endpoint.
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.