After login, when I try to get the user details, the API returns the following error in the response:
{
"error": {
"name": "Unauthorized",
"message": "Invalid token",
"statusCode": 401,
"requestInfo": {
"method": "get",
"url": "https://dev-e48f02pgr13we72c.us.auth0.com/api/v2/users/auth0%7C64c888b07f18450dc24cb099"
},
"originalError": {
"status": 401,
"response": {
"req": {
"method": "GET",
"url": "https://dev-e48f02pgr13we72c.us.auth0.com/api/v2/users/auth0%7C64c888b07f18450dc24cb099",
"headers": {
"content-type": "application/json",
"user-agent": "node.js/18.16.1",
"auth0-client": "eyJuYW1lIjoibm9kZS1hdXRoMCIsInZlcnNpb24iOiIzLjYuMCIsImVudiI6eyJub2RlIjoiMTguMTYuMSJ9fQ",
"authorization": "[REDACTED]",
"accept": "application/json"
}
},
"header": {
"date": "Tue, 01 Aug 2023 06:51:00 GMT",
"content-type": "application/json; charset=utf-8",
"content-length": "106",
"connection": "close",
"cf-ray": "7efc2669a9ac4ad4-HYD",
"cf-cache-status": "DYNAMIC",
"cache-control": "no-cache",
"strict-transport-security": "max-age=31536000",
"vary": "origin, Accept-Encoding",
"www-authenticate": "Bearer error=\"Invalid token\"",
"access-control-expose-headers": "WWW-Authenticate,Server-Authorization",
"ot-baggage-auth0-request-id": "7efc2669a9ac4ad4",
"ot-tracer-sampled": "true",
"ot-tracer-spanid": "1ac1e404795ebcc4",
"ot-tracer-traceid": "1a534d0a01d9f0ea",
"traceparent": "00-00000000000000001a534d0a01d9f0ea-1ac1e404795ebcc4-01",
"tracestate": "auth0-request-id=7efc2669a9ac4ad4,auth0=true",
"x-content-type-options": "nosniff",
"server": "cloudflare",
"alt-svc": "h3=\":443\"; ma=86400"
},
"status": 401,
"text": "{\"statusCode\":401,\"error\":\"Unauthorized\",\"message\":\"Invalid token\",\"attributes\":{\"error\":\"Invalid token\"}}"
}
}
}
}
Actual implementation is below.
const express = require('express');
const router = express.Router();
const dotenv = require('dotenv');
const { AuthenticationClient, ManagementClient } = require('auth0');
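// Load variables from .env into process.env before either client reads them.
dotenv.config();

// Authentication API client, used by the /login route for the password grant.
// The client secret comes from the environment rather than from source code.
// NOTE(review): the variable is spelled DOMAIL here and in the ManagementClient
// options; confirm that this is the name actually defined in .env.
const auth0 = new AuthenticationClient({
  domain: process.env.DOMAIL,
  // Fix: the comma after this entry was missing, which is a syntax error
  // that stops the whole module from loading.
  clientId: process.env.CLIENT_ID,
  clientSecret: process.env.SECRET,
});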
// Options for the Management API client, all read from the environment.
// NOTE(review): the token this client obtains must be issued for the tenant's
// Management API audience; confirm AUDIENCE points there, since a token for
// any other audience would presumably be rejected as "Invalid token".
// NOTE(review): the application behind CLIENT_ID/SECRET should be granted only
// the Management API scopes this service needs (reading users) - confirm.
const managementOptions = {
  domain: process.env.DOMAIL,
  clientId: process.env.CLIENT_ID,
  clientSecret: process.env.SECRET,
  audience: process.env.AUDIENCE,
};

// Management API client used by the /login route to fetch the user record.
const management = new ManagementClient(managementOptions);
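/**
 * POST /login
 *
 * Authenticates the caller with Auth0's Resource Owner Password Grant, then
 * loads that same user's record through the Management API.
 *
 * Request body: { username: string, password: string }
 * Responses:
 *   200 { accessToken, user }  - login succeeded
 *   400 { error: { message } } - username or password missing or not a string
 *   401 { error: { message } } - Auth0 rejected the login or the lookup failed
 */
router.post('/login', async (req, res) => {
  // req.body is undefined when no body parser ran; fall back to {} so the
  // destructuring cannot throw outside the try block.
  const { username, password } = req.body ?? {};

  // Reject malformed input before it is forwarded to Auth0.
  if (
    typeof username !== 'string' ||
    typeof password !== 'string' ||
    username === '' ||
    password === ''
  ) {
    return res
      .status(400)
      .json({ error: { message: 'username and password are required' } });
  }

  try {
    // Attempt to authenticate the user with Auth0's Resource Owner Password Grant.
    const tokens = await auth0.passwordGrant({
      username, // Auth0 accepts either an email or a username here
      password,
      audience: 'https://dev-e48f02pgr13we72c.us.auth0.com/api/v2/',
      scope: 'openid profile email', // Add any additional scopes as needed
    });
    // The access token is a bearer credential, so it is deliberately not logged.

    // Resolve the user id from the token that was just issued. The original
    // code looked up one hard-coded user id for every caller.
    // NOTE(review): getProfile is the v3 SDK call for /userinfo (the error
    // dump shows node-auth0 3.6.0); confirm it is available if the SDK is upgraded.
    const profile = await auth0.getProfile(tokens.access_token);

    // Fetch the authenticated user's record using the Management API.
    // NOTE(review): this record can contain fields that are not meant for the
    // browser (metadata, linked identities); consider returning only an
    // allow-list of fields.
    const user = await management.getUser({ id: profile.sub });

    // Return the access token and the user record. The original put the whole
    // token response under `user`, not the user that had just been fetched.
    res.status(200).json({ accessToken: tokens.access_token, user });
  } catch (error) {
    // Log only the message on the server. The SDK error object embeds the
    // upstream request and response, including headers, so it must not be
    // serialised back to the client.
    console.error('Error during login:', error.message);
    res.status(401).json({ error: { message: 'Authentication failed' } });
  }
});

module.exports = router;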