Passwordless doesn't return id_token if audience is set


We are starting a passwordless flow with the following parameters:

	"client_id": "client_id....",
	"connection": "email",
	"email": "email....",
	"send": "link",
	"authParams": {
        "scope": "openid profile email",
	    "audience": "audience...",
	    "response_type": "token"

However it only returns access token and no id_token. If I remove audience it returns access token and id token but this access token is not what I want. And if I change repsonse_type to token id_token then the link won’t work. Please tell me how to get both access token and id token with an audience.

Solved. I used auth0 passwordless lock to generate a passwordless email link and it worked with audience. The missing piece in authParams json is nonce, once I add a randomly generated one it works.

Glad you were able to eventually make it work!

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.