Hello !
I need some help :c
I’m trying to authenticate my request on postman so i can call my ASP.NET Core API, securize with jwt authentication.
I’ve already did that a couple months ago without any problem.
But now, i’ve created a new tenant
Created a new API in auth0,
Configured my API with my new audience and my new domain
then, i created a client app, so i can have a client Id and a client secret.
Then i came in my postman collection.
Edited my environment variables so all my calls use the new tenant’s apps.
And what a surprise when i got a 401 unauthorized on my API.
When i came back to the olds value from old tenant (auth0 domain’s ([tenant].auth0.com), clientId, clientSecret, audience)
And change the audience in my ASP NET Core API. It worked.
I inspected both generated tokens
And it cames with the fact that, one has in his header “alg: RS256” and a fullfilled payload (the one which work)
and the other has in his header “alg: dir” and an empty payload.
So i dont really undestand what i misconfigured in my apps.
I tried to compare both API and both client apps, nothing came to be different.
If you had any idea on why it does not work, i would be very thankfull !
Thanks for your help !