No scopes in JWT key, all API endpoints return 401 "Invalid token"

I’m trying to access the Auth0 API from a Node.js Typescript application. Notably, it used to work for 3 years, but suddenly it doesn’t. I’m the only developer, and I may have misconfigured something, but can’t find what.

My app, upon boot, connects to Auth0 API using Axios, and gets the access and ID tokens correctly. I was able to replicate this step in Postman too.

The token I received contains an empty array for roles. This might be the problem.

Following this, any and all calls to the API returns a 401 error. I am using /roles for testing.

My Auth0 API has read:roles enabled. My Auth0 admin API naturally also has it.

What could be the problem?

Hi there @tomcatmwi welcome to the community!

How are you adding the roles to your token(s)? There is a chance you might be running into the following:

Keep us posted!

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.