No scopes in JWT key, all API endpoints return 401 "Invalid token"

tomcatmwi · January 29, 2023, 5:41pm

I’m trying to access the Auth0 API from a Node.js Typescript application. Notably, it used to work for 3 years, but suddenly it doesn’t. I’m the only developer, and I may have misconfigured something, but can’t find what.

My app, upon boot, connects to Auth0 API using Axios, and gets the access and ID tokens correctly. I was able to replicate this step in Postman too.

The token I received contains an empty array for roles. This might be the problem.

Following this, any and all calls to the API returns a 401 error. I am using /roles for testing.

My Auth0 API has read:roles enabled. My Auth0 admin API naturally also has it.

What could be the problem?

tyf · February 1, 2023, 2:19am

Hi there @tomcatmwi welcome to the community!

How are you adding the roles to your token(s)? There is a chance you might be running into the following:

Keep us posted!

tyf · February 16, 2023, 2:19am

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Actions not setting claims/roles in JWT Help user-profile , user-management	3	1024	January 26, 2023
Auth0 JWT doesn't have requested API Scopes Help jwt , scopes	10	4399	September 4, 2021
Angular + .NET authorization Help management-api , roles	1	842	August 24, 2023
JWT permissions empty Help	2	1884	December 22, 2022
Roles request failing - "Bad HTTP authentication header format" Help auth0 , auth0-spa-js	2	8030	January 9, 2020

No scopes in JWT key, all API endpoints return 401 "Invalid token"

Related Topics