Auth0 Home Blog Docs

Passwordless doesn't return id_token if audience is set



We are starting a passwordless flow with the following parameters:

	"client_id": "client_id....",
	"connection": "email",
	"email": "email....",
	"send": "link",
	"authParams": {
        "scope": "openid profile email",
	    "audience": "audience...",
	    "response_type": "token"

However it only returns access token and no id_token. If I remove audience it returns access token and id token but this access token is not what I want. And if I change repsonse_type to token id_token then the link won’t work. Please tell me how to get both access token and id token with an audience.


Solved. I used auth0 passwordless lock to generate a passwordless email link and it worked with audience. The missing piece in authParams json is nonce, once I add a randomly generated one it works.


Glad you were able to eventually make it work!

closed #4

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.