When im trying to login using the Wordpress plugin I can see in the Auth0 dashboard logs that everything is working fine, but in Wordpress im getting this error:
Warning : openssl_verify(): supplied key param cannot be coerced into a public key in /path/to/wordpress/wp-content/plugins/auth0/lib/php-jwt/Authentication/JWT.php on line 186
You have logged in successfully, but there is a problem accessing this site: Invalid ID token (no algorithm) [error code: unknown]
I have the exact same settings in my local environment and there it seems to be working just fine. Am i doing something wrong or this is a known bug?
I’ve seen that error pop up now and then and it’s typically related to server configuration. It’s saying that the certificate it’s getting is not valid for ID token decoding. That certificate is generated here:
Is your token algorithm in WordPress set to the same one as Auth0? wp-admin > Auth0 > Settings > Basic tab for WordPress, Auth0 Dashboard > Application settings > Advanced (at the bottom) > OAuth tab > JsonWebToken Signature Algorithm for Auth0? And is that set to HS256 or RS256?
Might be worth pinging your host with this question as well.
Glad you got it figured out and thanks for checking back in! It would be worth it to investigate what’s going wrong as RS256 is the setting we recommend. Good explanation here: