No scopes in JWT key, all API endpoints return 401 "Invalid token"

tomcatmwi · January 29, 2023, 5:41pm

I’m trying to access the Auth0 API from a Node.js Typescript application. Notably, it used to work for 3 years, but suddenly it doesn’t. I’m the only developer, and I may have misconfigured something, but can’t find what.

My app, upon boot, connects to Auth0 API using Axios, and gets the access and ID tokens correctly. I was able to replicate this step in Postman too.

The token I received contains an empty array for roles. This might be the problem.

Following this, any and all calls to the API returns a 401 error. I am using /roles for testing.

My Auth0 API has read:roles enabled. My Auth0 admin API naturally also has it.

What could be the problem?

tyf · February 1, 2023, 2:19am

Hi there @tomcatmwi welcome to the community!

How are you adding the roles to your token(s)? There is a chance you might be running into the following:

Keep us posted!

tyf · February 16, 2023, 2:19am

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Auth0 suddenly not allowing not namespaced custom claims in the token Help	3	1667	December 22, 2022
Unable to set 'role' claim JWT.io jwt , auth0 , rules	4	4843	August 30, 2019
Actions not setting claims/roles in JWT Help user-profile , user-management	3	1027	January 26, 2023
Auth0 JWT doesn't have requested API Scopes Help jwt , scopes	10	4415	September 4, 2021
Manually Added Roles to Access Token is Not Authorizing API Methods Help	2	3436	November 27, 2019

No scopes in JWT key, all API endpoints return 401 "Invalid token"

Related topics